problems with Secure Flight

what is "Secure Flight?".

HoustonChronicle.com -- http://www.HoustonChronicle.com | Section: Local & State


Aug. 27, 2005, 11:39AM

Bush airport security breach prompts TSA review
After long delays Thursday, flights back on schedule
By ROSANNA RUIZ
Copyright 2005 Houston Chronicle

Transportation Security Administration officials were reviewing safety procedures Friday, a day after two women squeezed through a checkpoint, prompting a shutdown of most of George Bush International Airport for several hours.

Two women shut down Bush Airport for hours as they apparently slipped through a metal detector that wasn't turned on.

chertoff wants congress to drop the ban on invasion of privacy

Battle escalates over fliers' personal data

He who trades privacy for security will find himself with neither.

RegisteredTraveler Interoperability consortium

Aug. 18, 2005



MB airport joins traveler registry
Fliers who have data entered can expedite security screening
By Garrison Wells
The Sun News

Passengers rolling through Myrtle Beach International Airport may find it less of a hassle in the future.

The airport has joined the Registered Traveler Interoperability Consortium, a collection of 34 airports in the U.S. with a mission to streamline the processing of passengers through security, improve safety and develop a system that can be used nationwide from airport to airport.

"If we can be involved in a process that will allow a smoother transition through the screening checkpoint, we would certainly make every effort to do that," said Bob Woods, assistant director at Myrtle Beach International.

Under a "registered traveler" program backed by the consortium and being evaluated by the Transportation Security Administration, travelers would provide information such as name, address, date of birth and biometric data including a fingerprint and iris scan.

Those travelers would use a biometric kiosk, then a separate lane for security at their home airports. They also would not be selected for secondary screening.

The consortium wants to see some kind of system like that at all airports in the U.S.

"Just as credit cards are accepted once issued at most businesses around the country, if you signed up as a registered traveler in Washington, D.C., you ought to be recognized as a registered traveler in ... any other airport around the country," said Carter Morris, senior vice president of the American Association of Airport Executives.

The association is behind the consortium.

In Myrtle Beach, how much of a difference such a program would make is not clear.

The average wait for screening is about five minutes, Woods said.

"Sometimes on weekends, especially Saturdays, we get longer lines, but typically our backup, like other small to medium-sized airports, is not significant," he said.

To Trina Murray, a 42-year-old housewife from Washington, D.C., who was at Myrtle Beach International on Wednesday, the wait is worth it.

Being from the nation's capital and using D.C. airports, she knows all about airport security and screening.

Expedited security lanes and the use of cards to get through quicker might make air travel less secure because there is no guarantee that someone who already has been screened still will be safe, Murray said. For example, she said, what if someone has had a bad day just before a flight?

"I wouldn't like it," she said. "Sometimes people are safe, other times they are not."



Source: Aviation Consumer Protection Division, U.S. Department of Transportation

Put your money on surveillance tech

biometrics big growth industry.

throwing stars are back

Feds may ease airline security measures
TSA mulls proposal to allow knives, throwing stars, arrows onboard
By Sara Kehaulani Goo
The Washington Post
Updated: 11:26 p.m. ET Aug. 12, 2005


Douglas R. Laird, former head of security for Northwest Airlines, said the proposal was a step backward. Laird said exempting certain categories of passengers from security screening would be dangerous because trusted groups have occasionally abused the privilege. "In an effort to be customer friendly, they're forgetting that their primary requirement is to keep airplanes safe," Laird said. "Either you screen everybody or why screen anybody?"

Read the whole story.

government privacy watchdog still not operational

Privacy Group still not off the ground.

VIP links up with Iris recognition firm

August 09, 2005 09:01 AM US Eastern Timezone

Iridian Technologies Selected by Verified ID for the Orlando ''Clear'' Registered Traveler Program; Iris Recognition Facilitates Traveler Security Screening Process

MOORESTOWN, N.J.--(BUSINESS WIRE)--Aug. 9, 2005--Iridian Technologies, the world leader in the development and commercialization of iris recognition technology, today disclosed that its ProofPositive(TM) technology is the basis for identifying registered travelers with iris recognition in the "Clear" program recently launched by Verified Identity Pass at the Orlando International Airport (OIA). Iridian has joined in this effort with Verified Identity Pass, Inc. and Lockheed Martin.


"CLEAR", a privately run program, offers travelers the opportunity to enroll for an annual fee of $79.95, allowing expedited access at security checkpoints at the airport. The three step enrollment process starts at www.flyclear.com where applicants complete a basic enrollment form. Next, they head to the airport to submit their biometrics (fingerprint and iris images) along with two pieces of government-issued identification at one of the four ClearSpace enrollment stations at Orlando International. Finally, once the application has been screened and approved by the Transportation Security Administration (TSA), a Clear Card will be issued for use at the Orlando Airport's ClearLane.

CLEAR is unique in this country as an airport biometric screening program that is managed by a private company, Verified Identity Pass, Inc., founded in 2003 by Steven Brill (www.verifiedidpass.com). Some 30,000 travelers were expected to enroll in the program in Orlando this year, but with more than 6,000 applicants already received in just six weeks of operation, the program is now expected to exceed that target. Verified Identity Pass hopes to expand its services to other airports soon.

"We are delighted that Iridian's market-leading iris recognition technology was chosen as an enabler to help expedite and heighten security procedures at Orlando," said Jerry Ruddle, Vice President, Global Sales and Marketing of Iridian. "We are pleased to have the opportunity to work with Verified Identity Pass and Lockheed Martin on this important deployment. Our relationship sets a firm foundation for enabling other airports and travelers with similar conveniences."

Ruddle further observed, "Traditionally, iris recognition has been known as the most accurate non-invasive biometric, and is now becoming recognized as the most convenient. Users appreciate the speed and the fact that you don't have to touch anything."

Iridian's iris recognition has also been deployed at all five of the TSA's Registered Traveler Pilot Program airports: Minneapolis-St.Paul, Los Angeles, Houston, Boston and Washington D.C.'s Reagan National.

Iridian has experienced rapidly accelerating adoption of its technology over the past two years with other installations, such as Canadian CANPASS program, the US/Canada NEXUS Air immigration program, a United Nations refugee repatriation program and immigration programs in the Netherlands, the UK, Germany and Japan.

About Iris Recognition Technology

Iris recognition technology identifies people by the unique patterns of the iris - the colored ring around the pupil of the eye. Iris recognition is non-invasive, easy to use, and the most accurate biometric for secure identification.

Iridian's patented PrivateID technology includes camera drivers for IrisCode template creation using standard video technology without bright lights or lasers. KnoWho Authentication Server is Iridian's highly scalable server that provides interoperability for all Private ID-enabled cameras and applications. This one-to-all security solution ensures individual authentication against millions of records, and is ideal for public-use applications such as border control or simplified passenger travel as well as aid programs and election verification

About Iridian Technologies

Iridian Technologies, Inc. of Moorestown, NJ develops and commercializes software for iris recognition - renowned as one of the most accurate biometric identifiers. The holder of US and international patents behind iris recognition technologies, Iridian offers unparalleled security for public-use applications such as simplified passenger travel, border control, national IDs, as well as physical building access and information access. For more information, visit www.iridiantech.com.

Note: ProofPositive is a trademark of Iridian Technologies, Inc. IrisCode, PrivateID and KnoWho are registered trademarks of Iridian Technologies, Inc.

Contacts


Iridian Technologies, Inc., Moorestown
Talvis McLaughlin, 856-222-3160
tmclaughlin@iridiantech.com

Electornic Passports frustrate impersonators

Electronic Passports.

The Dirty Cop Problem

excerpt from the NYTIMES.com
August 7, 2005
Europe Zips Lips; U.S. Sells ZIPs
By ERIC DASH
European data protection policies emerged in the early 1970's, when the German state of Hesse enacted the first set of data privacy laws.

"This was still a generation with memory of World War II that knew how Nazis and fascists would use personal information against their enemies," said Evan Hendricks, the editor of Privacy Times, an advocacy newsletter. "If you were going to protect liberty, you had to ensure there was fairness in the protection of information."

Government use of commercial data for homeland security purposes

6 August 2005
Source: http://www.access.gpo.gov/su_docs/aces/fr-cont.html

-----------------------------------------------------------------------

[Federal Register: August 5, 2005 (Volume 70, Number 150)]
[Notices]
[Page 45408-45409]
From the Federal Register Online via GPO Access [wais.access.gpo.gov]
[DOCID:fr05au05-68]

=======================================================================
-----------------------------------------------------------------------

DEPARTMENT OF HOMELAND SECURITY

Office of the Secretary


Public Workshop: Privacy and Technology: Government Use of
Commercial Data for Homeland Security

AGENCY: Privacy Office, Department of Homeland Security.

ACTION: Notice announcing public workshop.

-----------------------------------------------------------------------

SUMMARY: The Department of Homeland Security Privacy Office will host a
public workshop, ``Privacy and Technology: Government Use of Commercial
Data for Homeland Security,'' to explore the policy, legal, and
technology issues associated with the government's use of personally
identifiable commercial data in protecting the homeland.

DATES: The workshop will be held on September 8, 2005, from 8 a.m. to
4:30 p.m. and on September 9, 2005, from 8:30 a.m. to 12:30 p.m.

ADDRESSES: The Privacy and Technology Workshop will be held in the
auditorium at the DHS Offices at the GSA Regional Headquarters Building
located at 7th and D Streets, SW., Washington, DC 20024.

FOR FURTHER INFORMATION CONTACT: Toby Milgrom Levin, Robyn Kaplan,
Kenneth Mortensen, or Peter Sand at Privacy Workshop, Privacy Office,
Department of Homeland Security, Arlington, VA 22202, by telephone 571-
227-3813, by facsimile 571-227-4171, or by e-mail at
privacyworkshop@dhs.gov privacyworkshop@dhs.gov>.


SUPPLEMENTARY INFORMATION:

Workshop Goals

The Department of Homeland Security (DHS) Privacy Office is holding

[[Page 45409]]

a public workshop to explore the policy, legal, and technology issues
surrounding the government's use of personally identifiable commercial
data for homeland security. The program will include a broad range of
experts and perspectives, including representatives from academia,
business leaders, privacy advocates, legal experts, technologists, and
policy leaders. In addition to the panel discussions, time will be
allotted during the workshop for questions and comments from the
audience that may be directed to each panel.

Reason for the Workshop

The government's use of technology to access and analyze vast
amounts of personally identifiable data collected by companies and data
aggregators raises important privacy concerns. The DHS Privacy Office
is holding this workshop to inform the Privacy Office, DHS, and the
public about the policy, legal, and technology issues surrounding the
government's access and use of such information for counterterrorism
and how to protect privacy given the government's need for better data
analysis.
Commercially available personal information ranges from directory
information, such as individual names, addresses, and telephone
numbers, to records of retail purchases, including travel, insurance,
and financial data, to public record information obtained from Federal,
state, and local offices, including court documents, professional
licenses, and property records.
A number of reports have been issued urging that the government
adopt standards for using such information for intelligence analysis,
including the Department of Defense, Technology and Privacy Advisory
Committee (TAPAC) Report and the two reports of the Markle Foundation's
Task Force on National Security in the Information Age.\1\ This
workshop is intended to provide a forum for considering such standards
as well as for examining whether and how information technology and
commercial data can help improve national security. Finally, the
workshop will look at technologies to aid in data analysis and
information management that are more privacy protective.
---------------------------------------------------------------------------

\1\ Technology and Privacy Advisory Commission, Safeguarding
Privacy in the Fight Against Terrorism (2004) available at http://www.sainc.com/tapac/finalreport.htm
; Markle Foundation, Task Force

on National Security in the Information Age, Creating a Trusted
Information Network for Homeland Security (2003); Markle Foundation,
Task Force on National Security in the Information Age, Protecting
American's Freedom in the Information Age (2002). The Markle reports
are available at http://www.markle.org .

---------------------------------------------------------------------------

The Workshop

The program will begin with a discussion of how government agencies
are using personally identifiable commercial data in homeland security.
Among the questions that we may examine are: What types of personally
identifiable commercial data are being used; what are the benefits of
using such data; what commercial data is needed to help identify
terrorists; can commercial data be used to reduce the incidence of
false positives, and if so, what data is needed to do so; and how
accurate is commercial data for such purposes.
The second topic will address the privacy and legal issues raised
by government use of commercial data. This panel will explore the
adequacy of current laws, particularly the Privacy Act of 1974, to
protect against government abuses when using commercial data. The panel
will also examine the privacy implications of government's use of
commercial data and whether there should be any limitations or
protections. The panel may also discuss whether there are international
laws and standards that can provide models for protecting privacy in
this context.
The third panel will focus on current and developing technologies
to aid the government in analyzing data for homeland security. This
panel will examine the technologies government agencies are using to
access and process data and whether such uses raise privacy concerns.
The panel may also discuss how to evaluate the quality of such
technologies, the accuracy of the underlying data, and whether further
research is needed before agencies invest in such technologies.
The fourth panel will examine how technology can help protect
individual privacy while enabling government agencies to analyze data.
This panel will review privacy-enhancing technologies (PETs) that
enable data analysis without disclosing the identity of individuals by
using de-identified or anonymized data. In addition, the technologists
will discuss how matching, linking, and knowledge discovery can be done
in a more privacy-sensitive manner.
The final panel will build on the discussion of the previous panels
to develop a recommended roadmap for DHS on building privacy
protections into information programs that use commercial data. This
closing panel will discuss options concerning privacy protective rules
and standards DHS can adopt without waiting for changes in law. The
panel may also consider how technology can be used as a governance tool
to ensure that the agency's privacy polices are implemented.

Registration Information

The workshop is open to the public and there is no fee for
attendance. For general security purposes, all attendees will be
required to show a valid form of photo identification, such as a
driver's license, to enter the building.
The Privacy Office will accept registration for this workshop.
Registration is not necessary to attend, but is encouraged so that we
may better plan this event. To register, please send an e-mail to the
e-mail box for the workshop, privacyworkshop@dhs.gov , indicating your
intent to attend. The Privacy Office will not retain your e-mail or e-
mail address. For additional information, including routine uses
permitted by the Privacy Act, see the DHS Privacy Policy on the DHS Web
site at http://www.dhs.gov/dhspublic/privacy.jsp .

The Privacy Office will post additional information about the
workshop, including a detailed agenda, on the DHS Privacy Office Web
site at http://www.dhs.gov/privacy prior to the event. A transcript of

the workshop will be posted shortly after the workshop.

Dated: July 25, 2005.
Nuala O'Connor Kelly,
Chief Privacy Officer Department of Homeland Security.
[FR Doc. 05-15488 Filed 8-4-05; 8:45 am]

BILLING CODE 4410-10-P

Jude Dismisses JetBlue Passenger Invasion of Privacy Suit

Updated: 8:18 a.m. ET Aug. 2, 2005


LITTLE ROCK, Ark. - JetBlue Airways passengers whose personal information was used without their knowledge in a federally funded study of aviation security didn’t show they suffered any harm and aren’t entitled to damages, a federal judge says.

U.S. District Judge Carol Bagley Amon in New York signed an order Friday dismissing a class-action lawsuit against JetBlue, Little Rock-based Acxiom Corp., Torch Concepts of Huntsville, Ala., and SRS Technologies of Newport Beach, Calif.

Acxiom and Torch are database management companies and SRS is a Department of Defense contractor. JetBlue and Acxiom supplied passenger information to Torch, an SRS subcontractor that analyzed it in an effort to ****identify people who might be a risk to military installations.***

“The only benefit JetBlue derived was ‘the potential for increased safety on its flights and the potential to prevent the use of commercial airlines as weapons that target military bases,”’ Amon wrote.

The database of former JetBlue passengers included whether they owned or rented their home, how long they had lived at that residence, the number of immediate family members, Social Security numbers and whether they owned or leased their car, the lawsuit said.