[iwar] [fc:Uncle.Sam.soon.may.want.to.check.their.credit.histories.before.they.board.airplanes]

From: Fred Cohen (fc@all.net)
Date: 2002-06-07 09:35:30
Next message: Fred Cohen: "[iwar] [fc:The.FCC.and.big.companies.control.of.high-speed.Internet.access]"
Previous message: Fred Cohen: "[iwar] [fc:Feds.Seek.Better.Microsoft.Security]"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Message-Id: <200206071635.g57GZUE04050@red.all.net>
To: iwar@onelist.com (Information Warfare Mailing List)
Organization: I'm not allowed to say
From: Fred Cohen <fc@all.net>
Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com
Precedence: bulk
Date: Fri, 7 Jun 2002 09:35:30 -0700 (PDT)
Subject: [iwar] [fc:Uncle.Sam.soon.may.want.to.check.their.credit.histories.before.they.board.airplanes]
Reply-To: iwar@yahoogroups.com
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: quoted-printable

Uncle Sam soon may want to check their credit histories before they board airplanes

U.S. Asks Software Providers
To Help Identify Terrorists

By STEPHEN POWER
Staff Reporter of THE WALL STREET JOURNAL

First, air travelers were asked who packed their bags. Next came questions
about what might be in their shoes. Now, Uncle Sam soon may want to check
their credit histories before they board airplanes.

In the midst of a massive reshuffling of various security agencies, the
government is considering ways to better identify terrorists and to cut down
the number of searches needed at airports. The Transportation Security
Administration -- which President Bush Thursday proposed transferring to a
new homeland-security agency from its current home within the Transportation
Department -- is enlisting companies that analyze personal credit-card and
insurance records. The aim is to target suspicious travelers when they make
a reservation so that by the time they show up at the airport, authorities
will be on alert.

The government is asking a handful of firms that provide fraud-detection
technology for credit-card companies or insurers, such as HNC Software Inc.
and Infoglide Software Corp., to demonstrate how the government could run
airline passengers' names against various databases to identify potential
terrorists. The government hasn't disclosed what databases it plans to tap,
but efforts to expand what authorities know about air travelers are taking
wing. The project, run out of the TSA, is seeking help from the Federal
Bureau of Investigation and other law-enforcement agencies that keep lists
of people wanted by the government. The TSA is asking Congress for $45
million to fund the project.

Searching for Patterns

The undertaking builds on a program already operated by the nation's
airlines to identify terrorists. That program, known as the Computer
Assisted Passenger Prescreening System, or Capps, relies on basic
information disclosed by fliers to airlines when they reserve and buy
tickets -- such as their names, addresses, and method of payment -- to look
for patterns that point to terrorism.

The new program would take much of that same data and check it against other
databases that the government considers reliable in determining that a
passenger isn't a terrorist. A Transportation official familiar with the
program says the TSA hasn't ruled out looking at fliers' purchasing patterns
for evidence of suspicious behavior, but that the government is more
interested in publicly available data, such as property records, rather than
"whether you bought loafers or tennis shoes."

"We're never going to know the life histories of the millions of people who
fly on planes, and we don't care to," the official said. But "if you've had
a credit card for 25 years, always paid your bills and ... you're rooted in
the community, that says you're probably not a terrorist of the type we saw
on Sept. 11."

Meanwhile, one of the companies helping the TSA, San Diego-based HNC, is
well known in the credit-card industry for making software that processes
transaction data -- along with publicly available demographic and census
data -- to generate a score indicating the probability that fraud has
occurred. During a recent private briefing for the U.S. General Accounting
Office, a HNC consultant said the company is developing software that could
help the government assign a similar kind of score every time a passenger
books a flight reservation.

"We view Capps as a way of allowing us to spend more time with the true
terrorist," instead of wasting time with the average traveler, said an
administration official familiar with the project.

Another idea under consideration at the TSA is the creation of a "trusted
traveler" or "registered passenger" program, in which fliers would undergo
extensive background checks in exchange for faster screening. But prospects
for that plan are less certain, as the TSA's chief, John Magaw, has
expressed concern that terrorists could foil it by living quietly in the
U.S. for a few years.

For airline officials, any move to reduce random searches of their customers
couldn't come sooner. Since Sept. 11, air travelers have been subjected to
extensive searches of their carry-on bags and -- in some cases -- even been
ordered to partially disrobe when going through security checkpoints, only
to undergo further examination at boarding gates. Some airline officials see
reducing random searches as crucial to winning back business travelers, who
-- though they make up only half of the passengers on the average flight --
account for about two-thirds of the industry's annual revenue, based on some
industry estimates.

"We have a lot of people who are driving rather than flying, and we need to
get those people back," said Deborah C. McElroy, president of the Regional
Airline Association, a Washington group that represents carriers that
provide short- and medium-haul service.

Civil-Liberties Group Sues

Transportation officials have said any new security measures they implement
won't single out fliers on the basis of race, ethnicity or national origin.
But that hasn't soothed civil-liberties advocates. One organization, the
Electronic Privacy Information Center here, has filed a complaint against
the Transportation Department in federal district court here over the
agency's refusal to provide details about Capps as the government assumes
responsibility for the program.

"The facts that are known are few, but very provocative," says David L.
Sobel, the Center's general counsel. "The question is how much information
about this program is going to be known during the development phase before
these systems are implemented. We believe a maximum amount of information
should be disclosed ... so the public can assess the degree of invasiveness
that might be involved with some of these systems."

Transportation Department spokesman Leonardo Alcivar said officials want to
"strengthen our ability to share information among federal law-enforcement
agencies," but declined to specify what other kinds of data the government
is considering using. In a report to Congress last month, the TSA said its
technology would "fuse threat data gathered from State, Federal and
private-sector sources."

The prospect of bigger budgets for Capps has created a frenzy among
companies eager to help the TSA overhaul the program. When the
Transportation Department's deputy secretary, Michael Jackson, addressed a
luncheon last month organized by the nonprofit Council for Excellence in
Government, the audience was filled with representatives of various software
developers, including Electronic Data Systems Corp. and American Management
Systems Inc.

Before any extensive changes can be made to Capps, though, Congress has to
weigh in. The TSA is seeking $4.4 billion -- on top of $2.4 billion the TSA
has for the current fiscal year -- as part of a supplemental spending
request for various security projects, such as equipping airports with
bomb-detection machines and hiring new airport-security workers to screen
passengers and bags for weapons.

The $45 million request for Capps in the TSA's budget proposal, though not
large by federal-contract standards, would represent a massive increase in
federal funding for the program. Until now, the airlines have carried most
of the costs -- though they won't disclose its total budget -- with the
Federal Aviation Administration chipping in about $5 million between 1996
and 1997 to help get the program started, according to people familiar with
the matter.

For now, the TSA has agreed to pay a handful of software developers to
demonstrate how they would assess old airline passenger-reservation records
against public databases, such as property reports, driver's license
information and telephone directories. Those tests are expected to be
conducted sometime in the next 60 days, people familiar with agency's plans
said. The agency said in last month's report to Congress that it plans to
begin deployment of the new system this fall.

Write to Stephen Power at <a href="mailto:stephen.power@wsj.com?Subject=Re:%20(ai)%20WSJ%20-%20Credit%20and%20Background%20Checks%20for%20US%20Air%20Travellers?%2526In-Reply-To=%2526lt;B9264F73.32F96%25rforno@infowarrior.org">stephen.power@wsj.com</a>

------------------------ Yahoo! Groups Sponsor ---------------------~-->
The FREE Server Security Guide shows you how: • DEPLOY THE LATEST ENCRYPTION and authentication techniques • DELIVER TRANSPARENT PROTECTION with the strongest security
without disrupting users. And more. Get your FREE Guide now:
http://us.click.yahoo.com/4tQ9vC/KyKEAA/Zr0HAA/kgFolB/TM
---------------------------------------------------------------------~->

------------------
http://all.net/ 

Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
Next message: Fred Cohen: "[iwar] [fc:The.FCC.and.big.companies.control.of.high-speed.Internet.access]"
Previous message: Fred Cohen: "[iwar] [fc:Feds.Seek.Better.Microsoft.Security]"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
This archive was generated by hypermail 2.1.2 : 2003-08-24 02:46:32 PDT