GAO: TSA still hasn't fixed Secure Flight

Aviation Security: Management Challenges Remain for the Transportation Security Administration's Se

Related Links

The Transportation Security Administration has failed to implement any of the improvements the lead federal watchdog agency recommended for TSA’s Secure Flight passenger screening program, according to a new report.

TSA has not developed complete systems requirements for Secure Flight or conducted essential systems testing recommended in a March 2005 report, said Cathleen Berrick, director of homeland security and justice issues at the Government Accountability Office.

TSA also has not made important decisions to improve the system’s effectiveness, such as what passenger data it would require from air carriers or the name-matching technologies it would use, Berrick said at a hearing of the House Homeland Security Committee’s Intelligence, Information Sharing and Terrorism Risk Assessment Subcommittee.

TSA also has not created a program management plan and implementation schedule for Secure Flight, or shown how it will protect passenger privacy, Berrick said.

TSA put Secure Flight on hold this past March to reassess it after intense government and public scrutiny revealed significant privacy and security concerns.

GAO supports TSA’s efforts, but recommends that the agency not move forward with operational testing or other major Secure Flight program activities until it can show it has implemented more disciplined life-cycle process management, Berrick said.

In February, GAO reported that TSA had made progress on the items laid out in the March 2005 report, Berrick said. The recommendations included:

  • Finalizing a concept of operations plan, and systems requirements and test plans.

  • Finishing formal agreements with U.S. Customs and Border Protection and air carriers to get passenger data.

  • Developing life cycle cost estimates and complete critical performance measures;
  • Establishing a redress process.

TSA has taken some steps to improve management of Secure Flight, Berrick said. It has hired a program manager to oversee Secure Flight and another person who has credentials in information systems program management, she said.

Subcommittee members said innocent travelers are still encountering delays because their names are similar to those on watch lists. GAO has criticized the accuracy and completeness of the master terrorist list on federal watch lists, said Rep. Zoe Lofgren (D-Calif.), the subcommittee’s ranking Democrat.

TSA is not the originator of the watch list information and is not directly involved in the redress process, said Rep. Rob Simmons (R-Conn.), the subcommittee’s chairman. That said, he added, “we must improve and facilitate the process of cleaning up this list.”

TSA is concerned about protecting people’s rights and privacy while fighting an evolving enemy, said Bill Gaches, TSA assistant administrator for intelligence, who also spoke at the hearing.

“We’ve made some progress, but in all honesty, we still have a long way to go,” Gaches said.

TSA could play a more active role in the redress process, he said. “Clearly, we have room for improvement."

Gaches declined to comment on how Secure Flight uses terrorist watch lists, saying the Office of Intelligence does not run the program.

He said he is not familiar with the information technology TSA uses to share information with U.S. Immigration and Customs Enforcement (ICE) about which names are put on the terrorist watch list. He said he would obtain the information and provide the committee with the details after the hearing.

TSA clearly needs to increase and improve its connectivity to ICE, U.S. Customs and Border Protection and the U.S. Coast Guard, he said.

He offered the subcommittee a classified review on the checks and balances that TSA uses and how the Terrorist Screening Center and the National Counterterrorism Center contribute to TSA’s screening processes.


  • Government Innovation Awards
    Government Innovation Awards -

    Congratulations to the 2020 Rising Stars

    These early-career leaders already are having an outsized impact on government IT.

  • Cybersecurity
    cybersecurity (Rawpixel/

    CMMC clears key regulatory hurdle

    The White House approved an interim rule to mandate defense contractors prove they adhere to existing cybersecurity standards from the National Institute of Standards and Technology.

Stay Connected