Airlines ordered to hand over passenger details

The US Department of Homeland Security has ordered order airlines to hand over the complete records of all passengers who travelled on a domestic US flight in June.

In an "emergency" notice, the department's Transportation Security Administration (TSA) said the requirement is necessary to test a controversial computer "pre-screening" system that attempts to identify terrorists before passengers are permitted to board their flight. The system is called Secure Flight.

The information that airlines will be required to divulge by 29 October includes, at a minimum, the passenger's name, reservation date, travel agent, itinerary information, form of payment, flight number and seating information.

TSA said it will use those passenger records in two ways. First, it will verify that Secure Flight is able to match information on air travellers with records stored in government databases. Second, it will combine the passenger records with data purchased from unspecified "commercial data aggregators who provide services to the banking, home mortgage and credit industries" to see how much it may help the data-mining process.

Secure Flight is the renamed successor to the embattled Computer Assisted Passenger Pre-screening System (CAPPS), which had drawn fire from some members of Congress who worried about the privacy implications of performing intensive background checks on Americans who chose to travel by air. Homeland Security Secretary Tom Ridge said in July that CAPPS would be dismantled for that reason.

The department hopes this new announcement, which promises that the data will be stored safely and securely, will quell some of the privacy worries. In a separate notice, TSA privacy official Lisa Dean said the agency "believes it has taken action to mitigate any privacy risk by designing its next-generation passenger pre-screening program to accommodate concerns expressed by privacy advocates, foreign counterparts and others".

Marcia Hofmann, staff counsel of the Electronic Privacy Information Centre, said that it was "unclear" whether TSA had the legal authority to demand the airlines' records. Hofmann also questioned whether it was wise to expand reliance on "watch lists" or "no fly lists," which can be problematic for innocent people whose names resemble those on the list.

Airlines will have a month to comment on the proposal before it takes effect. They will be required to divulge passenger records on optical media in an XML or other structure data format if available.

Declan McCullagh writes for CNET News.com