The Department of Homeland Security Privacy Office dropped two long delayed reports the Friday morning before Christmas – either as presents to civil liberties advocates or as a way to inflate their 2006 performance numbers – depending upon your degree of cynicism. One report (.pdf) concerns an anti-terrorism information sharing system known as the MATRIX, which got funding from the federal government. The ACLU asked the office to look into the program in May 2004. The other concerns (.pdf) Secure Flight and its invasive and undisclosed use of massive amounts of commercial data in early 2005 to test whether a centralized air passenger screening system that used data held by private data brokers would be more effective than the current name checks done by airlines.
Both reports date back to the office's first chief privacy officer, Nuala O'Connor Kelly. After she left in September 2005, her deputy Maureen Cooney took over, but had so little power that it was rumored she could not even hire interns without approval from the Department. The office is intended to have a measure of independence, and reports to Congress yearly, but it cannot force agencies within Homeland Security to turn over documents.
Neither report has much interesting to reveal, besides that they have nothing interesting to reveal. The Government Accountability Office issued its findings on how Secure Flight administrators abused the Privacy Act on July 22, 2005.
The GAO found (.pdf) that: "During the course of our ongoing review of the Secure Flight program, we found that TSA did not fully disclose to the public its use of personal information in its fall 2004 privacy notices as required by the Privacy Act."
That's a very nice way of saying the program administrators broke the law.
