TSA suspends Registered Traveler enrollments

The Transportation Security Administration has suspended new enrollments for the largest vendor in the Registered Traveler program following the company's loss of a laptop PC that contained unencrypted personal information on 33,000 participants in the program.

The TSA said the vendor, Verified Identity Pass Inc., was found to be “not in compliance” with the agency’s requirement to encrypt sensitive personal information submitted by applicants and enrollees, according to TSA spokeswoman Ann Davis. Although the agency has authority to suspend the program overall and impose civil penalties, Davis said today neither additional action is now being considered.
The laptop was stolen from a locked office at San Francisco International Airport, Verified Identity Pass said in a statement. The personal information the laptop contained is protected by two levels of password protection and does not include Social Security numbers, biometric data or credit card information, the company said. The individuals affected were mostly new applicants along with a few members seeking re-enrollment.
“We don’t believe the security or privacy of these would-be members will be
compromised in any way,” Steven Brill, chief executive of the company, said in a statement.
The Registered Traveler program operates as a partnership between TSA, private vendors, and airport authorities. The enrollees pay a fee, supply personal information and undergo a background check, and then receive expedited service through security checkpoints at 17 participating airports. The enrollees verify their identities at airports through use of a biometric identification card. Verified Identity Pass said it has about 200,000 enrollees in the program.

The TSA said it started the suspension following the loss of the computer on July 26. The agency said it has instructed Verified Identity Pass to notify all the individuals whose data was stored in the computer, and to cease use of unencrypted computers until encryption can be installed. The agency also notified airport authorities to ensure their cooperation.
The company will be required to submit an independent audit showing that encryption is in place, and TSA will check the audits, before enrollment can resume. The actions do not affect current operations or current enrollees of Registered Traveler, TSA officials said.

The information on the missing laptop includes applicants’ names, addresses, birth dates and, for some applicants, driver’s license number, passport numbers or alien registration card numbers, the company said. The company said it provides identity theft warranty protection to cover damages from the loss of data.

About the Author

Alice Lipowicz is a staff writer covering government 2.0, homeland security and other IT policies for Federal Computer Week.

FCW in Print

In the latest issue: Looking back on three decades of big stories in federal IT.


  • Anne Rung -- Commerce Department Photo

    Exit interview with Anne Rung

    The government's departing top acquisition official said she leaves behind a solid foundation on which to build more effective and efficient federal IT.

  • Charles Phalen

    Administration appoints first head of NBIB

    The National Background Investigations Bureau announced the appointment of its first director as the agency prepares to take over processing government background checks.

  • Sen. James Lankford (R-Okla.)

    Senator: Rigid hiring process pushes millennials from federal work

    Sen. James Lankford (R-Okla.) said agencies are missing out on younger workers because of the government's rigidity, particularly its protracted hiring process.

  • FCW @ 30 GPS

    FCW @ 30

    Since 1987, FCW has covered it all -- the major contracts, the disruptive technologies, the picayune scandals and the many, many people who make federal IT function. Here's a look back at six of the most significant stories.

  • Shutterstock image.

    A 'minibus' appropriations package could be in the cards

    A short-term funding bill is expected by Sept. 30 to keep the federal government operating through early December, but after that the options get more complicated.

  • Defense Secretary Ash Carter speaks at the TechCrunch Disrupt conference in San Francisco

    DOD launches new tech hub in Austin

    The DOD is opening a new Defense Innovation Unit Experimental office in Austin, Texas, while Congress debates legislation that could defund DIUx.

Reader comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group