CAPPS II could be operating in our nation's airports as soon as next month, the Washington Post reports. This is the long-threatened system that will, as you check in for a flight, take your full name, home address and telephone number, date of birth and travel itinerary and check it against a set of existing government and private databases to see if you are (probably) who you claim to be and if you have any known connection to bad guys.
The system will then categorize you as either green (go through security with only the new "normal" level of prodding, shoe-doffing, and nail clipper confiscation), yellow (enjoy even more detailed attention in the search) or red (step aside and talk to the nice officer). The system and how it works is still evolving—see the most recent Privacy Act notice on it here—and earlier complaints seem to have forced a few changes in the original plans for storing search records. "People of concern" were originally to have had their records kept for 50 years. Now the Department of Homeland Security announces the results will instead be kept "not more than a certain number of days after the safe completion of their travel itineraries." (God knows, that certain number could end up being 18,250.) A heroically detailed description of the program, its evolution, its connection with the planned Total Information Awareness program, and what you might want to do about it all, authored by travel journalist Edward Hasbrouck, can be found here.
When I first wrote about CAPPS II just around six months ago in my August/September Reason cover story about John Gilmore's lawsuit fighting for his right to travel anonymously, CAPPS II was, while obviously in motion, still just one of those many on-the-horizon future threats to privacy. Such threats are approaching much faster these days. When I first started researching that story, for example, I had never heard of radio frequency identification devices (RFIDs), though I certainly had gotten an earful by the time I was done. They still had the aura of something surprising and science fictional. Most people not professionally involved in legal fights about privacy had never heard of them, I found when asking around.
But a few weeks ago, USA Today was warning its readers about the devices, (which can be loaded with information about products, price, location, when and where purchased and the like and read by radio scanners yards away) and the potential threat to privacy they pose. As the USA Today writer put it, "RFID technology is here, and it's in use all over." With gambling casinos and such all-American icons as Wal-Mart embracing them, RFIDs ain't going away.
Devices like RFIDs have plenty of benign and helpful uses in inventory management and the like (though it's hard to imagine that CAPPS II will). So do such privacy-dissolving technologies as the credit card (creating permanent records of transactions), supermarket club card (ditto, and with even more precision, recording items bought as well as totals and merchant's name), and the telephone (allows strangers to make alarms go off in your house). But at least we chose to take on those burdens. With things like RFIDs and CAPPS II, we aren't making the choice. Sure, when it was just Delta cooperating with CAPPS-II, we could boycott them. When Washington enforces it on all airlines, as it is about to do, resistance gets much harder. We can now look forward to many more problems from mistaken identity like the ones that grounded the famous Christmas Air France flights to Los Angeles. And I suspect very few serious criminal plots against airlines will be foiled.
One news item this week shone a little optimistic light on fears of increasingly intrusive government tracking and surveillance systems. The Canadian province of Manitoba decided that developing a new biometrically encoded drivers license would be too expensive. Alas, that's unlikely to save us in Bush's America. After all, if we can afford to put a man on Mars, surely we can afford to track and label everyone with the most cutting-edge technologies available.
Human technologies are more or less unstoppable, if they help lots of people meet a perceived need in an economical fashion. Manufacturers and marketers think they need to know the sort of things that RFIDs can tell them; governments think they need to know the kind of things that CAPPS II systems, traffic cameras (however untrustworthy), and voice over internet protocol wiretaps, provide. More and more it seems inarguable that David Brin is right about privacy as we've come to understand it in bourgeois modernity: It's gone, and we will just have to learn to see that a fully transparent society where everyone can know everything about everyone else—provided citizens can know as much about the state as the state knows about them—might be for the best.
Any solution other than a technological war—in which new technologies to stymie the privacy-invading ones are brought to the fore (and there is hope along these lines—apparently the much-maligned tinfoil hat or equivalent might stymie RFIDs)—is beginning to seem more hopeless with each news cycle.
I wish I could provide a more optimistic conclusion for those who treasure the ability to move through the world relatively unseen by officious prying eyes; but this world is seeming more and more transparent every day.