There have been several stories regarding TSA’s Secure Flight program and no-fly lists over the past few days. The major news this week is that TSA has announced that they will not use commercial data brokers in the initial deployment of Secure Flight (news presented in a News.com article and confirmed at EPIC’s overview of Secure Flight). This announcement came just before a major report by the Secure Flight Privacy/IT Working Group [pdf] was released yesterday, in which the group was highly critical of the TSA’s actions regarding Secure Flight. Bruce Schneier discusses the report more in depth in a blog entry; he was a member of the working group.
Some other major stories regarding the TSA have come forward regarding people’s difficulties with the no-fly lists and the pains they endure in trying to remove themselves from the list, once mistakenly placed on it. Wired is running a story about several people who have had bad experiences with the system, including a nun who spent ninth months on the list, missing meetings and events, until an appeal was made to Karl Rove and the situation was rectified. Another person’s dilemma is described in this Boston.com article: a pilot was placed on the no-fly list and thus effectively unable to work, all because of what seems to be a data error. The pilot is fighting the situation in court. In this case, the government is maintaining that a person’s presence on the list and reasons for being there are so secret that even in court, they will not be disclosed to the defense.
In the Wired article, Secure Flight is presented by the TSA as the solution to these types of problems. However, with so many criticisms and concerns over privacy practices and data accuracy, there is much to be done before Secure Flight will have a chance to adequately address these issues.