Secure Flight is a passenger pre-screening program for flights in theUnited States, managed by theTransportation Security Administration (TSA). It is a risk-based system that matches passenger information against watch lists maintained by the federal government. Results are used to communicate withairlines about high or low risk passengers.[1]
Airlines previously pre-screened passengers usingCAPPS by comparing names to government watch lists and communicating with law enforcement (and later TSA) about suspected passengers. This process was inconsistent across airlines and not effective in preventing theSeptember 11 attacks.[2] The final report of theNational Commission on the Terrorist Attacks Upon the United States recommended that this watch list matching function be performed by the TSA instead of airlines.[3]
TheIntelligence Reform and Terrorism Prevention Act (IRTPA) of 2004 required theDepartment of Homeland Security (DHS) to assume from aircraft operators the function of conducting pre-flight comparisons of airline passenger information to federal government watch lists for international and domestic flights by 2005.[4] The Secure Flight program was introduced in August 2007, which proposed requiring airlines to send passenger information to the TSA for comparison against watch lists. The TSA would respond with instructions to either screen a passenger normally, use enhanced screening, or denial into the sterile area.[5] They hoped this new system would reduce the number of people accidentally being matched to a watch list.[6]
The Secure Flight Final Rule was issued in October 2008 and officially began the transfer of watch list matching to the TSA.[7] Secure Flight began implementation with select domestic aircraft operators at the beginning of 2009 and completed implementation for all domestic and international airlines in December 2010.[8]
In 2010, the program transitioned to a risk-based system in response to the attempted attack ofNorthwest Airlines Flight 253 in December 2009. This allowed the system to identify people not in watch lists. In 2011, the TSA began to use the entireTerrorist Screening Database instead of being limited to theNo Fly List orSelectee List.[9]
In 2013, the program was further expanded to search private databases for information like past travel with the intention of identifying low risk people forTSA PreCheck.[10]
The program requires airlines to obtain the full name, sex, date of birth, Redress Number, andKnown Traveler Number of passengers and people who need access to the sterile area. The information is transferred to the TSA seventy-two hours prior to the departure time of a flight. The TSA compares information with government watch lists like theNo Fly List andSelectee List within theTerrorist Screening Database. After this process, the TSA provides airlines with a decision to issueboarding passes with normal screening,Secondary Security Screening Selection, or denial of a boarding pass.[11]
TSA has stated it will not collect or use "commercial data"[clarification needed] to conduct Secure Flight watch list matching.[12] It has also released a Privacy Impact Assessment (PIA).[12] The TSA policy, however, makes no mention of any limitations on what theairlines themselves, who collect the sensitive (birth date, etc.) information, may do with this.[12]
Secure Flight has many similarities withCAPPS and theNo Fly List, and therefore raises the same validated[13] concerns aboutcivil liberties anddue process. Specifically, civil libertarians argue that under the Secure Flight program, there are insufficient redress mechanisms for innocent citizens on watch lists. Additionally, the content and quantity of the watch lists has fallen under scrutiny.[14]
The Secure Flight Programme applies to non-US flights overflying the United States. The TSA uses a table of airport pairs to determine if a flight is overflying the United States.
