Ed Hasbrouck has been talking about this issue for a long time. Today, the Washington Post has an update, Report Says TSA Violated Privacy Law:
Secure Flight, the U.S. government’s stalled program to screen domestic air passengers against terrorism watch lists, violated federal law during a crucial test phase, according to a report to be issued today by the Homeland Security Department’s privacy office.
The agency found that by gathering passenger data from commercial brokers in 2004 without notifying the passengers, the program violated a 1974 Privacy Act requirement that the public be made aware of any changes in a federal program that affects the privacy of U.S. citizens. “As ultimately implemented, the commercial data test conducted in connection with the Secure Flight program testing did not match [the Transportation Security Administration’s] public announcements,” the report states.
It took two reporters — Ellen Nakashima and Del Quentin Wilber — to fail to answer all the interesting questions. First, is anyone going to be held accountable? Second, are these potential criminal violations or not? It doesn’t sound like it:
TSA spokeswoman Ellen Howe said the agency has “already implemented or is in the process of implementing” the recommendations contained in the privacy office report. She said the report’s conclusions were not surprising, adding that they were “very similar” to those reached last year by the General Accounting Office, the government’s auditing arm.
So, what was the purpose of this report, given that the GAO ventilated many of the facts a year ago? Does the rest of the TSA care about what its privacy office says? The story doesn’t tell us. It took two reporters to do this?
And, the Post makes no mention of what appear to be the follow-on illegalities.
On this stuff, you’re much better off reading blogs than the Post. Is Brad DeLong right? Is the paper (as opposed to online) Post toast?