Airlines would collect fingerprints for US-VISIT
Homeland Security Department officials plan to require commercial airlines and cruise ship lines to collect biometric information from non-immigrant foreign travelers when they leave the United States by the beginning of next year.
For years, DHS has been collecting biometric data from such travelers when they arrive in the United States as part of the department's U.S. Visitor and Immigrant Status Indicator Technology program. However, DHS has had a hard time creating an exit system with similar capabilities because of logistical, technological and commercial problems. The exit program is a requirement of a major national security law Congress passed in 2007. After conducting a pilot program, DHS today announced the government’s plan to meet that obligation.
Under the proposed rule, federal authorities would reconcile the fingerprints that commercial carriers gather from passengers as they exit the country with biometric and biographical data collected on their arrival. That will allow authorities to determine whether visitors complied with their visa or visit limitations.
Commercial carriers are already required to send authorities passenger manifest information before they depart, via Customs and Border Protection’s Advanced Passenger Information System. Under the proposed rule, fingerprints must be transmitted to DHS no later than 24 hours after a plane or ship departs from the United States.
Airlines would send the biometric data in a message formatted in Extensible Markup Language. The message would contain a biometric image along with biographic data such as the person's first and last names, date of birth, and the date and time the fingerprints were taken.
DHS would use the data to create an exit record and verify the identity of the traveler against entry data stored in DHS’ Automated Biometric Identification System and the Arrival and Departure Information System.
Small aircraft and ships would be exempt from the requirements.
DHS’ notice of proposed rulemaking identifies unauthorized use of the biometric information collected by the carriers and identity theft as potential privacy risks for the visitor exit plan. However, officials say the risks are mitigated by the system’s technical, physical and administrative controls. For example, carriers would be required to ensure that their systems and transmission methods meet government standards.
The proposed rule does not require that fingerprints be collected from a specific place in the airports, but DHS suggests that airline officials minimize disruptions by making it part of normal business operations.
The proposed rule is open for public comment for 60 days. DHS officials plan to implement the program by January 2009.
Ben Bain is a reporter for Federal Computer Week.