Registered Traveler: Data privacy, security prompts chairman’s inquiry

Chairman of the House Homeland Security Committee sends letter to TSA

A House committee chairman with jurisdiction over the Homeland Security Department is urging DHS' Transportation Security Administration (TSA) to get more involved in safeguarding personal data for about 165,000 people held by a defunct former partner in the Registered Traveler program.

Verified Identity Pass Inc., the largest private operator of Registered Traveler services, shut down operations June 22. Its Registered Traveler program, named Clear, allowed pre-screened and enrolled travelers expedited service through security clearances at airports.

Registered Traveler is a frequent flier-type program that was co-sponsored by TSA from 2005 through 2008. It continues to involve TSA in various aspects of its operation; for example, TSA mandates many of the requirements regarding the collection and handling of personal information for enrollees in the program.

Rep. Bennie Thompson (D-Miss.) who chairs the House Homeland Security Committee, wrote to TSA to say he is worried because the agency apparently did not set requirements for disposal of the personally identifiable information held by Registered Traveler operators that shut down.

“We are concerned about the security and safety of the information currently held by Clear,” Thompson wrote to TSA Acting Assistant Secretary Gail Rossides on June 25.

“Many members of the traveling public have trusted TSA’s Registered Traveler program,” Thompson wrote. “This level of trust can only be maintained by TSA providing clear and proper protocols to govern the disposition of data when a Registered Traveler operator decides to leave the program.”

Verified Identity Pass said in an undated announcement on its Web site that it is working with lead systems integrator Lockheed Martin Corp. to protect the personal information of Clear enrollees while it shuts down the program.

“The personally identifiable information that customers provided to Clear may not be used for any purpose other than a Registered Traveler program operated by a TSA-authorized service provider,” the company announcement states. “Any new service provider would need to maintain personally identifiable information in accordance with the TSA’s privacy and security requirements for Registered Traveler programs. If the information is not used for a Registered Traveler program, it will be deleted.”

The company said it intends to notify Clear members in a final e-mail message when the information is deleted.

In response, TSA Spokeswoman Ann Davis said today that a response to Thompson is being drafted.
 
TSA’s policy on data handling in Registered Traveler is further described on its Web site, Davis said. After TSA co-sponsorship of Registered Traveler was terminated in July 2008, service providers’ use of data was to be regulated under their own privacy policies. Information submitted to TSA prior to July 2008 will be destroyed in accordance with the record retention period approved by the National Archives and Records Administration, she said.

Also signing the letter were Reps. Christopher Carney (D-Pa.), and Sheila Jackson-Lee (D-Texas), who chair two subcommittees of the homeland security committee.

About the Author

Alice Lipowicz is a staff writer covering government 2.0, homeland security and other IT policies for Federal Computer Week.

Featured

  • Telecommunications
    Stock photo ID: 658810513 By asharkyu

    GSA extends EIS deadline to 2023

    Agencies are getting up to three more years on existing telecom contracts before having to shift to the $50 billion Enterprise Infrastructure Solutions vehicle.

  • Workforce
    Shutterstock image ID: 569172169 By Zenzen

    OMB looks to retrain feds to fill cyber needs

    The federal government is taking steps to fill high-demand, skills-gap positions in tech by retraining employees already working within agencies without a cyber or IT background.

  • Acquisition
    GSA Headquarters (Photo by Rena Schild/Shutterstock)

    GSA to consolidate multiple award schedules

    The General Services Administration plans to consolidate dozens of its buying schedules across product areas including IT and services to reduce duplication.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.