CAPPS

[Matthew X]

By late fall, federal airport security officers hope to begin installing 
computer systems that can instantly check the personal backgrounds of 
airline passengers and alert security officials to any who are deemed 
dangerous before they can board planes and take off.
The tool, a substantially advanced version of the Computer Assisted 
Passenger Prescreening System (CAPPS) now in use, is being designed to comb 
multiple government and commercial databases for information that could 
indicate that a passenger poses a threat.
Although installation of the system at airports is scheduled to begin in 
late fall, a government official, speaking on background, said it could be 
delayed if, as expected, the Transportation Security Administration is 
pulled out of the Transportation Department and moved into the Homeland 
Security Department.
"We're waiting to see what happens with the new department," the official said.
The House of Representatives has approved a Bush administration plan to 
create the Homeland Security Department and move TSA and about two dozen 
other federal entities into it. But the Senate has only begun to examine 
the proposal.
Last spring, TSA hired four companies to design rival versions of essential 
software for the passenger screening system, and agency officials expect a 
final design of the system to be finished this fall.
The system should be able to conduct "real-time preflight background threat 
evaluation" of airline passengers by using names and personal information 
taken from passenger manifests, according to TSA and industry sources.
The system, called CAPPS II, would compare information from manifests with 
information culled and analyzed instantaneously from "numerous databases 
from government, industry and the private sector" to determine whether any 
passengers pose a security threat.
A computer using a security scoring algorithm and criteria and weights set 
by TSA would decide whether a passenger posed a threat. The system would 
also consider "threat data gathered from state, federal and private-sector 
sources," TSA officials wrote in a report on CAPPS II.
An existing version of CAPPS provides threat information to airline 
employees, who are then supposed to pass it on to airport security 
personnel. The new version is being designed to provide threat alerts 
directly to "front-line security forces," including via secure wireless 
communication, the report states.
TSA's plan to use information from commercial databases worries privacy 
advocates.
The Electronic Privacy Information Center warns that "each airline 
passenger will be subjected to an extensive profiling" if CAPPS II goes 
forward. Lawyers for EPIC sued TSA, saying the agency failed to disclose 
enough information about how the system will work.
EPIC wants to know what factors would trigger a threat alarm, how accurate 
data in the databases would be, what recourse travelers would have if they 
are falsely identified as being a threat, and whether the system violates 
constitutional prohibitions, including those against unreasonable searches.
TSA officials are guarded about discussing the system. In a notice about 
CAPPS II sent to software developers this spring, TSA warned that "there 
shall be no public release of information concerning the requirements" of 
the system or proposals by companies interested in developing it.
But industry officials insist it will work. "It could be very effective" in 
identifying potentially dangerous passengers, said Allen Shay, president of 
Teradata, a data warehousing division of NCR Corp.
The system is likely to focus on passengers who pay cash, buy one-way 
tickets or have questionable or conflicting identification documents, 
criminal records or other information in databases that arouses suspicion, 
he said. Similar automated background checks are common in the financial 
industry and commerce, Shay said. Banks, for example, check employment, 
credit and financial records when marketing loans.
But the passenger-screening system is almost certain to raise concerns 
about privacy and profiling, Shay said. "When it is done in the commercial 
world, it is known as customer resource management. When it is done by the 
government, it's an invasion of privacy," he said. "To move forward in a 
positive way, that's something we're going to collectively have to get over."
http://www.fcw.com/fcw/articles/2002/0902/news-capps-09-02-02.asp
Hope it picks up anthrax carrying sheep murdering Mi5 agents.