ACLU Urges U.S. to Stop Collection of Traveler Data

By Ellen Nakashima
Washington Post Staff Writer
Saturday, December 2, 2006

Privacy advocates yesterday called on the federal government to scrap a Department of Homeland Security data-mining program designed to create terrorism risk assessments for every traveler who enters or leaves the United States.

The Automated Targeting System began as a means of screening cargo but was quietly expanded in recent years to screen and create risk profiles that will be retained for 40 years, The Washington Post reported last month after a notice describing the system appeared in the Federal Register.

The government has been scrutinizing air passengers for risks for 10 years, and assessments of some land border crossers have been conducted for about two years, a Customs and Border Protection official said in an interview Thursday.

The risk profiles, which single out travelers for extra attention from customs officials, were disclosed publicly for the first time in the Nov. 2 notice, raising concerns among privacy advocates.

In formal comments filed Friday with the Department of Homeland Security, of which the customs agency is a part, the ACLU urged the government to abandon the program.

"How come we never heard about it before?" said Barry Steinhardt, director of the ACLU's Technology and Liberty Project. "The fact that they've been doing it for 10 years, under what authority?"

David Sobel, senior counsel for the Electronic Frontier Foundation, said he believes the program's existence without notice violates the 1974 Privacy Act. He, too, opposes the program.

"I don't see the logic of collecting massive amounts of information on millions of innocent citizens in the name of locating a small number of suspected terrorists," he said. "Casting that large a net raises issues both with respect to the security benefits as well as the privacy impact of the system."

Customs officials expressed exasperation with the call to abandon the program.

"How do they expect us to determine who's safe and who's at risk?" asked Patrick Jones, an agency spokesman. "We have over one million people coming into the country every day, and our job is to protect the American public from people who might want to harm the American public."

A separate proposal to conduct risk assessments on air passengers, called CAPPS II, raised so much controversy in 2004 that it was derailed, and a successor program has stalled.

Jayson P. Ahern, a Customs and Border Protection assistant commissioner, said the agency intends to eventually enter data for all border crossers in the ATS database. The data include name, date of birth, flight itineraries and credit card information. It also can include a customs inspector's interview notes on a traveler.

Ahern said travelers are screened for risk based on "assumptions" that he would not disclose. Those deemed potentially risky would be flagged for follow-up, he said. The system does not assign a numeric score or color code, he said.

"When you look at all the [risk] factors, it just kicks it out that this person is a target for follow-up," Ahern said. In other words, he said, "somebody's targeted or not."

Government officials asserted that creating a vast database over time on travelers -- including those who are law-abiding -- will help analysts build models of normal and suspicious behavior. Ahern said 309 million land and sea border crossings and 87 million air border crossings are made each year. More than 95 percent are for lawful reasons, he said.

Staff writer Spencer S. Hsu and staff researcher Madonna Lebling contributed to this report.

© 2006 The Washington Post Company