However, TSA cannot begin testing an ID verification system that uses private databases until GAO evaluates the impact of Secure Flight on aviation security.
Transportation Security Administration officials issued a solicitation for proposals last week from companies to prepare for conducting tests with commercial data. They want the controversial Secure Flight program's testing completed by the end of March 2005.
However, TSA officials cannot begin testing an identity verification system that uses private databases until Government Accountability Office officials evaluate the impact of Secure Flight on aviation security and submit a report to Congress. TSA officials must get congressional approval to proceed with the program.
GAO officials briefed Congress a week and a half ago about TSA information submitted before Christmas, said Cathleen Berrick, GAO's director of homeland security and justice issues. "We'll put out something public in three or four weeks," Berrick said of the forthcoming report.
But Rep. Harold Rogers (R-Ky.), the Appropriation Committee's Homeland Security Subcommittee chairman, and the subcomitte's ranking member, Rep. Martin Sabo (D-Minn.), requested Friday that GAO officials continue reviewing TSA measures and assess its methodology of commercial data testing.
Secure Flight is supposed to prevent terrorists and others who pose a threat from boarding aircraft. Commercial data would assist TSA officials to reduce identification errors by finding names similar or identical to names on terrorist watch lists.
TSA officials are already testing passenger name records from airlines. They published a directive in the Federal Register in November, requesting 30-day blocks of data for the month of June from all airlines, to test the TSA's new passenger prescreening program. Agency officials are still conducting the tests.
"We're pleased with the results," said Deirdre O'Sullivan, a TSA spokeswoman. "Now, we would like to move to phase two — testing of the commercial data." ACLU officials opposed the November directive, saying air carriers' personal data was highly inconsistent and very detailed, possibly including credit card numbers and meal requests.
Under Secure Flight, TSA employees will compare domestic airline Passenger Name Record information with records contained in the Terrorist Screening Center Database, which is a responsibility that air carriers have. The database includes the expanded No-Fly and Selectee lists.
Testing will be governed by strict privacy and data security protections, officials said.
NEXT STORY: The Platts Plan