Faulty 'No-Fly' System Detailed

[R. A. Hettinga]

<http://www.washingtonpost.com/ac2/wp-dyn/A18735-2004Oct8?language=printer>

The Washington Post

washingtonpost.com
Faulty 'No-Fly' System Detailed


By Sara Kehaulani Goo
 Washington Post Staff Writer
 Saturday, October 9, 2004; Page A01

 The federal government's "no-fly" list had 16 names on it on Sept. 11,
2001. Today, it has more than 20,000.

 The list, which identifies suspected terrorists seeking to board
commercial airplanes, expanded rapidly even though the government knew that
travelers were being mistakenly flagged, according to federal records. The
records detail how government officials expressed little interest in
tracking or resolving cases in which passenger names were confused with the
growing number of names on the list.

More than 2,000 people have complained to the Transportation Security
Administration. Airlines, at one point, were calling the agency at least 30
times a day to say that they had stopped a passenger whose name was similar
to one on the list but after further investigation was determined not to be
a terror suspect, according to a TSA memo.

 More than 300 pages of documents related to the no-fly and related lists
were released late Thursday night by the TSA and the FBI in response to a
federal court order. The American Civil Liberties Union had filed suit on
behalf of Jan Adams and Rebecca Gordon, two peace activists who wanted to
know why their names had turned up on a no-fly list.

The documents reveal early symptoms of what are now known to be flaws with
the watch lists. Travelers who were flagged by the lists said they now foil
the system by altering how their names are spelled on their tickets --
adding their middle initials, full middle names or titles, for example.

Government officials do not announce when they stop passengers actually on
the lists. The only publicly known case involved Yusuf Islam, once known as
the pop singer Cat Stevens, who was prevented last month from entering the
country.

The information revealed by the documents is "not very comforting," said
Thomas R. Burke, a San Francisco attorney representing the peace activists
and the ACLU.

The TSA acknowledges that the system for checking passenger names for
suspected terrorists needs fixing, and it plans to overhaul it in a new
program called Secure Flight. The Justice Department declined to comment.

The false matches "underscore the need we have to get more information on
passengers to adjudicate those that are not a risk," said Department of
Homeland Security spokesman Brian Roehrkasse.

Every time a passenger books a ticket, the airline checks the traveler's
name against two enormous government databases, or watch lists, of people
the government believes pose a threat. The FAA created two lists in 2001: a
no-fly list and a so-called selectee list, both of which airlines compare
against reservation records. When the TSA was formed in 2002, it took over
maintenance of the lists from the FAA. The no-fly list grew from 16 names
supplied by the FBI in 2001 to 1,000 names by the end of 2002, according to
the newly released TSA documents. There are now more than 20,000 names on
the no-fly list, some which are aliases, according to a homeland security
source who is not allowed to release such numbers. There are several
thousand names on the selectee list, according to the source.

Internal TSA memos direct airlines to refuse boarding to a passenger on the
no-fly list and to alert the local FBI. Travelers on the selectee list are
to be directed to a law enforcement officer and put through additional
security procedures in order to board the plane, the documents said.

 Airlines declined to say exactly what kind of technology they use to match
names. But the documents make clear that in the months after Sept. 11,
carriers were having difficulty with the task. The Air Transport
Association, the airline trade group, met with the TSA's top policy
director in December 2002 to address the "false positives problem,"
according to a TSA memo.

"This has been such a headache for me," wrote one Alaska Airlines
executive, whose name was redacted, in an e-mail to the TSA a week before
the meeting. "Any solutions . . . would be greatly appreciated."

TSA officials wrote letters and e-mails of apology to passengers who
complained of being mistakenly flagged by the lists. But in an internal
memo, officials said there was little the agency could do.

"While a few carriers keep track of 'false positives' the majority do not,"
wrote Chad Wolf, now TSA's number-two policy official, in a December 2002
e-mail to agency legislative affairs official Cori Sieger. "Consequently,
TSA does not have the ability to record this data nor is there a pressing
need to do so."

 Passengers are falsely flagged by the lists in such large numbers because
of the kind of technology airlines use to compare the reservation lists to
the watch lists, according to experts in name-matching technology. Each
airline conducts the matches differently. Many major carriers use a system
that strips the vowels from each passenger's name and assigns it a code
based on the name's phonetic sound, according to the Air Transport
Association.

The name-matching technology is "too simplistic for a very complex
problem," said Jack Hermansen, co-founder of Language Analysis Systems Inc.
in Herndon, a company that has a competing name-matching technology that
factors in a name's cultural origin. "It's these accidental matches that
cause the big problem."

The phonetic-code concept is traced back to a program called Soundex
patented in 1918, which was used by Census Bureau officials to help sort
out names that sounded similar but might be spelled differently. The name
"Kennedy," for example, would be assigned the Soundex code K530, which is
the same code assigned to Kemmet, Kenndey, Kent, Kimmet, Kimmett, Kindt and
Knott, according to genealogy Web sites that use the technology. Today's
systems are more sophisticated than Soundex, but they grew from the same
origins, experts said.

"The reason this technology is used is you're really trying to protect
against typing errors," said Steven Pollock, executive vice president at
TuVox Inc., a company that sells speech-recognition software. "When someone
types in a name, the problem and the challenge is people will spell names
incorrectly. . . . Names are definitely the toughest things to get [right],
no doubt about it."

But the phonetic coding systems tend to ensnare people who have
similar-sounding names, even though a human being could tell the
difference. Earlier this month, for example, Rep. Donald E. Young
(R-Alaska), said he was flagged on the "watch list" when the airline
computer system mistook him for a man on the list named Donald Lee Young.

 ) 2004 The Washington
-- 
-----------------
R. A. Hettinga <mailto: rah at ibuc.com>
The Internet Bearer Underwriting Corporation <http://www.ibuc.com/>
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'