Aviation security leaders are moving forward with plans to shift toward a risk-based system of passenger screening — an idea supported by the travel industry and government officials who want screeners to focus on travelers who may present a security threat.

But as details emerge on how governments and airlines plan to distinguish between “trusted travelers” eligible for lighter screening and those who will receive more scrutiny, civil liberties groups and some European regulators are questioning the use of vast amounts of personal data to decide which travelers to examine more closely — or to prevent from flying at all.

Collecting and sharing information on passengers is at the heart of the new effort. The information governments use to vet passengers includes data individuals have volunteered by applying for trusted traveler programs, as well as information gathered through terrorist watch lists, criminal background checks and border checkpoint encounters.

The risk-based approach also extends to the list of items prohibited from the cabin, which the Transportation Security Administration recently revised to allow small pocketknives.

As the focus turns more to identifying suspect travelers, not just suspect items, the government is also looking at data that airlines and travel agents have collected on their customers, ranging from birth dates and passport numbers to potentially confidential details apparent in travel itineraries (like a flight to Pakistan) and group discount codes (for a trip to a conference, for instance).

For passengers on international flights, much of the data in these “passenger name records” is already shared with the Department of Homeland Security, although the agency has agreed to filter out certain records, like a traveler’s kosher or halal meal preference — a potential indicator of religion — barring “exceptional circumstances.”

But the prospect of using passenger data not just for border control, but also to make airport screening decisions, exposed a fissure between more privacy-oriented European officials and their American counterparts.

Peter Schaar, the federal commissioner for data protection and freedom of information in Germany, speaking on a panel at an aviation security conference in Brooklyn last week, said that any system that uses passenger data to assess the security risk posed by an individual should have to meet three criteria: it must be proved to be effective at rooting out terrorists; it must be proportional to that goal, without violating privacy rights; and it must avoid negative side effects, like discrimination.

“I question whether these proposals meet at least one of those,” he said.

That perspective was in the minority at the event organized by the International Air Transport Association and attended by screening equipment manufacturers, airline and airport security directors and government officials mostly eager to move ahead — despite budget constraints — with what they called the passenger differentiation concept.

Janet Napolitano, the secretary of homeland security, who spoke at the conference, described the agency’s shift as a “risk-based approach that attempts to segregate out passengers for whom we have a lot of information and can evaluate their risk as low-risk versus those that we know little about or that are higher risk.”

The T.S.A. also plans to focus more on devices that could do catastrophic damage to an aircraft. John S. Pistole, the agency’s administrator, announced that small pocketknives and some sports equipment would be allowed in carry-on bags beginning April 25 — an effort to more closely align American rules with European standards.

The American government would also like to expand its use of behavior detection officers who question passengers in security lines, a technique used in Israel, but the Government Accountability Office has faulted the way the program is being carried out in the United States, saying it has not met scientific standards of validation.

While airlines and equipment manufacturers are seeking similar security procedures worldwide, sharing travelers’ data across borders — which already happens to some degree — presents more complex challenges. Governments are debating when and how to recognize another country’s trusted travelers, and how to respond if nations like China start asking for the same level of passenger data that the United States demands.

Article source: http://www.nytimes.com/2013/03/12/business/passenger-screening-system-based-on-personal-data-raises-privacy-issues.html?partner=rss&emc=rss