The Transportation Security Administration convened a panel of private-sector experts in privacy and security to evaluate its Secure Flight airline passenger screening program, and when it didn’t like what they had to say, tried to make the report disappear.
I was a member of the government’s Secure Flight Working Group on Privacy and Security. We looked at the TSA’s program for matching airplane passengers with the terrorist watch list, and found a complete mess: poorly defined goals, incoherent design criteria, no clear system architecture, inadequate testing. (Our report (PDF) was on the TSA website, but has recently been removed — “refreshed” is the word the organization used — and replaced with an “executive summary” (Microsoft Word) that contains none of the report’s findings. The TSA did retain two (Microsoft Word) rebuttals (Microsoft Word), which read like products of the same outline and dismiss our findings by saying that we didn’t have access to the requisite information.) Our conclusions match those in two (PDF) reports (PDF) by the Government Accountability Office and one (PDF) by the DHS inspector general. — Bruce Schneier, in Wired
“That’s right, the TSA is disappearing our report,” Schneier said in a blog entry.
Now, if you haven’t actually read the report (PDF) yet, take a moment and do that. You’ll see that TSA, despite actually having invited these people to form this group and evaluate the program, raised more questions than answers about Secure Flight.
And if you looked at the address carefully, you’ll note I’ve saved a copy of the report, and it’s not disappearing. (Famous last words.)