The Transportation Security Administration (TSA) still plans to launch the Computer Assisted Passenger Prescreening System II (CAPPS II) this year. But in February the General Accounting Office (GAO) issued a report pointing out that the program has not yet met seven of the eight standards Congress set for it.
CAPPS II will take the full name, home address, home phone, and birth date of every airplane traveler and check them against an unidentified array of existing public and private databases to generate a "risk category." This rating will determine whether passengers go through our now-standard screening, get set aside for especially exacting searches, or get turned over to police forthwith.
As of January 2004, the GAO reports, the TSA had not yet "determined and verified the accuracy of the databases to be used," "completed a security plan to reduce opportunities for abuse," or "developed…a process under which passengers impacted by CAPPS II can appeal decisions and correct erroneous information," among other failures.
The TSA is also behind schedule in planned initial tests of the system, "because it was unable to obtain passenger data needed for testing from air carriers, which would not provide the…data because of privacy concerns." The GAO report adds that "we lack assurance that [CAPPS II] will fully comply with the Privacy Act," since the TSA asked for exemption from seven of the law's provisions but has not yet told Congress why.
The TSA already has announced that the program could and probably will be used for more than identifying foreign terrorists. As the GAO notes, "Expanding the CAPPS II mission could…lead to an erosion of public confidence in the system" and increase the number of people erroneously detained at airports.