House members to TSA: Don't destroy Registered Traveler data
Deletion will make it harder to revive program, lawmakers assert
- By Alice Lipowicz
- Aug 21, 2009
The Transportation Security Administration’s Registered Traveler program is a step closer to being dead — and will be more difficult to revive -- now that the agency plans to destroy personal data from enrollees, according to two senior House members.
“We are writing to express our grave concerns about the TSA’s plans to have biometric data and unique identifiable information of all Registered Traveler program participants deleted,” Reps. Bennie Thompson (D-Miss.) and Peter King (R-N.Y.) wrote Homeland Security Secretary Janet Napolitano on Aug. 20.
Thompson chairs the House Homeland Security Committee and King is the panel's ranking member.
A handful of private vendors have operated the program, with participation from the TSA, since 2005. TSA sets the requirements for the program, while the vendors enroll travelers and collect and store their data. The travelers undergo a background check, pay a fee and provide fingerprints to be eligible to use designated lanes to speed through security lines at participating airports.
On June 22, the largest vendor, Verified Identity Pass Inc., abruptly ceased operations at all 18 airports where it had run designated lanes. It had enrolled about 165,000 travelers.
Shortly after those events, Thompson expressed concerns about the handling and security of the personal data being held by Verified Identity Pass.
Now the TSA is planning to destroy that data, which is held in the Registered Traveler Central Information Management System (CIMS) database. Thompson and King said they believe those plans will make it harder to get the program running again.
“We believe that permanently removing this data from the CIMS, or for that matter, dismantling the database, could have a potential negative impact on the restoration of operations for the Registered Traveler program,” Thompson and King wrote.
They encouraged TSA officials and Napolitano to reconsider destruction of the Registered Traveler data held by Verified Identity Pass and to work to create a strategy in which Registered Traveler can be revived.
Verified Identity Pass was by far the largest operator of Registered Traveler. On its Web site, the company states that it is protecting the Registered Traveler information and assures customers that the data cannot be used for any other purpose. “If the information is not used for a Registered Traveler program, it will be deleted,” the company said.
At least two other vendors have conducted Registered Traveler operations at two or more airports. However, the effect on their operations from the Verified Identity Pass shutdown and TSA plans was not immediately clear. TSA officials did not respond to a request for comment.
Alice Lipowicz is a staff writer covering government 2.0, homeland security and other IT policies for Federal Computer Week.