Comments are now closed due to spamming and personal attacks.

Twitter: https://twitter.com/huffpoclub

TSA’s Roadmap for Airport Surveillance Moves in a Dangerous Direction

Posted on Saturday, 8th December 2018 @ 02:15 PM by Text Size A | A | A

The Transportation Security Administration has set out an alarming vision of pervasive biometric surveillance at airports, which cuts against the right to privacy, the “right to travel,” and the right to anonymous association with others.

The FAA Reauthorization Act of 2018, which included language that we warned would provide implied Congressional endorsement to biometric screening of domestic travelers and U.S. citizens, became law in early October. The ink wasn’t even dry on that bill when the Transportation Security Administration (TSA) published their Biometrics Roadmap for Aviation Security and the Passenger Experience, detailing TSA’s plans to work with Customs and Border Protection (CBP) to roll out increased biometric collection and screening for all passengers, including Americans traveling domestically.

This roadmap appears to latch on to a perceived acceptance of biometrics as security keys while ignoring the pervasive challenges with accurately identifying individuals and the privacy risks associated with collecting massive amounts of biometric data. Furthermore, it provides no strategy for dealing with passengers who are unfairly misidentified.

Worst of all, while the roadmap explicitly mentions collaborating with airlines and other partners inside and outside the government, it is alarmingly silent on how TSA plans to protect a widely distributed honeypot of sensitive biometric information ripe for misuse by identity thieves, malicious actors, or even legitimate employees abusing their access privileges.

 TSA PreCheck is Not a Blank Check

The roadmap proposes significant changes to what the government can do with data collected from more than 5 million people in the TSA PreCheck program. It also proposes new programs to collect and use biometric data from American travelers who haven’t opted into the PreCheck program.

The TSA PreCheck program has long been billed as a convenient way for travelers to cut down on security wait times and speed through airports. All a traveler has to do is to sign up, pay a fee, and allow TSA to collect fingerprints for a background check. However, the roadmap outlines TSA’s plans to expand use of those prints beyond the background check to other uses throughout the airport, such as for security at the bag drop or for identity verification at security check points.

TSA has already rolled this out as a pilot program. In 2017, at Atlanta’s Hartsfield-Jackson Airport and Denver International Airport, TSA used prints from the PreCheck database and a contactless fingerprint reader to verify the identity of PreCheck-approved travelers at security checkpoints at both airports. TSA now proposes to make the pilot program permanent and to widen the biometrics used to include face recognition, iris scans, and others.

Even more concerning, the roadmap outlines a strategy to capture biometrics from American travelers who haven’t enrolled in PreCheck and who never consented to any biometric data collection from TSA. Instead of giving passengers the option to opt in, TSA plans to partner and share information with other federal and state agencies like the FBI and state Departments of Motor Vehicles to get the biometric information they want.

While Congress has authorized a biometric data collection exit program for foreign visitors—supposedly to help monitor visa compliance by using biometrics to track foreigners leaving the country—the roadmap explicitly outlines plans for TSA and CBP to collect any biometrics they want from all travelers—American or foreign, international and domestic—wherever they are in the airport. That data will be stored in a widely shared database could be used to track people outside the airport context. For example, TSA’s Precheck as well as Clear have already begun using their technology at stadiums to “allow” visitors a faster entry.

This is a big, big change. It is unprecedented for the government to collect, store, and share this kind of data, with this level of detail, with this many agencies and private partners. We know that security lines are a huge pain, but we are concerned that travelers getting used to biometric tracking in the airport context will be less concerned about tracking in other contexts and eventually throughout society at large.

Device Security and National Security Are Not the Same

The roadmap also makes the huge assumption that people will not object to this expanded collection. It states that “popular perceptions [of biometrics] have evolved to appreciate the convenience and security biometric solutions can offer in the commercial aviation sector.” In other words, it claims that travelers using biometrics like fingerprints and facial recognition programs to unlock their phones and laptops, will be less concerned about Department of Homeland Security agencies collecting biometrics to store in government databases for unspecified, myriad uses.

The problem with this claim is that those two things are not the same.

Apple software, for one example, allows consumers to use biometrics (currently, fingerprints and faceprints) to unlock their devices. However, Apple has specifically built in privacy and security protections that prevent the biometric data from being stolen. Apple does not enable third party software to access the original biometric data. Plus, unlike federal agencies, Apple stores the original biometric information on your phone, not in a central, searchable database intended for use by multiple government and private partners over many years.

Additionally, TSA seems to be ignoring the risk that relying heavily on biometric data for identification may actually create new national security risks that the federal government is ill-equipped to handle. For example, India’s infamous Aadhaar biometric database, which was built by the Indian government to reduce corruption and expanded for use by other public and private groups, keeps getting hacked. It is not only cheap to buy the information of one of the 1.19 billion people in the database, but the hacks also allow for new information to be entered into the database. Rather than increasing security, India’s biometric database created more problems and opportunities for corruption.

Implementation Issues and Cost Overruns

 Finally, this roadmap glosses over the weaknesses of facial recognition technology as a means to identify travelers and ignores the challenges CBP has already faced rolling out their biometric exit program.

We’ve written many times before about the significant accuracy problems with current face recognition software, especially for non-white and female people. For example, earlier this summer the ACLU published a test of Amazon’s facial recognition program, comparing the official photos of 435 Members of Congress with publicly available mugshots. The ACLU found 28 false matches, even in this relatively small data set.

CBP has claimed to have a 98% accuracy rating in their pilot programs, even though the Office of the Inspector General could not verify those numbers. According to the FAA, 2.5 million passengers fly through U.S. airports every day, meaning that even a 2% error rate would cause thousands of people to be misidentified every day. 

TSA’s roadmap does not acknowledge these accuracy problems, much less outline an efficient way to allow wrongly identified travelers to complete their trips. Additionally, the roadmap does not acknowledge the need to allow travelers to opt out of the system.

But even if the claims about the advances in biometric software and technology are true, the Office of the Inspector General has also reported that CBP consistently and substantially underestimated the cost of their biometric exit program to the American taxpayer. To close some of the funding gaps, CBP would have to depend on the airports and airlines to purchase the necessary biometric equipment and to provide staff to implement the program. In short, for CBP and TSA to achieve their goals, they must force American travelers to hand over their biometric data to private companies.

What’s Next

TSA should not move forward on this plan without addressing the serious security concerns and without providing a reliable, convenient way for travelers to opt out of the program. Even if biometrics provided a reliable identification system for travelers, the kind of system and database the roadmap outlines could make it more difficult for people to travel, in direct conflict with the agency’s mission “to protect the nation’s transportation systems to ensure freedom of movement for people and commerce.”

Related Articles:

Atlanta airport’s Terminal F has become the “first biometric terminal” in the United States.And Detroit is next…As of December 1, Delta Airlines rolled out biometric scanning for air travel at the Hartsfield-Jackson Atlanta International Airport (ATL), Terminal F.  International passengers will be able to use facial recognition scans from “curb to gate” to get through every facet of their air travel.

For years, I have been warning people about facial recognition in retail stores, but this story might convince you to avoid retail stores altogether. A recent article in Biometric Update. com (BU) reveals that retail stores have a master plan to convince Americans to accept facial biometrics. BU interviewed four facial biometric company CEO’s and what they revealed is frightening.

Today the US Transportation Security Administration released a detailed TSA Biometric Roadmap for Aviation Security & the Passenger Experience, making explicit the goal of requiring mug shots (to be used for automated facial recognition and image-based surveillance and control) as a condition of all domestic or international air travel.

The TSA has released its roadmap to use biometrics technology in the coming years.

BriefCam’s “Transforming Video into Actionable Intelligence” allows law enforcement and retailers to secretly identify people by their gender, body size, color, direction, speed and more.

Omnipresent facial recognition has become a golden goose for law enforcement agencies around the world. In the United States, few are as eager as the Department of Homeland Security. American airports are currently being used as laboratories for a new tool that would automatically scan your face — and confirm your identity with U.S. Customs and Border Protection — as you prepare to board a flight, despite the near-unanimous objections from privacy advocates and civil libertarians, who call such scans invasive and pointless.

Big Tech has gathered unprecedented amounts of personal data from millions of people. At the same time, a system of total surveillance has been constructed: Facial recognition, biometric scanning, cell phone surveillance and more have amassed a huge amount of information.

Five days ago, IDEMIA announced their plan to install facial recognition cameras in rental vehicles. IDEMIA and Omoove are combining forces to spy on car renters everywhere. “You will never rent a car the same way thanks to EasyOpen solution that combines IDEMIA’s expertise in secure service enablement and Omoove’s experience in Shared Mobility platforms and on-board technology.”

In a little publicized section of Trump’s Immigration Executive Order, the president ordered Department of Homeland Security (DHS) to “expedite the completion and implementation of a biometric entry exit tracking system.” The purpose of the tracking system is to confirm who is entering and exiting the country to, for example, identify people who have overstayed their visas. Congress has already provided up to a billion dollars over the next ten years to implement the program.

Related News On HPUB:

... post your own so far 0 comments

Comments

No comments yet.

Leave a Comment

You must be logged in to post a comment.

 
  • Hpub asks

    • Sorry, there are no polls available at the moment.