The Electronic Privacy Information Center is urging the Transportation Security Administration to reconsider its growing embrace of biometric identification of travelers. The recommendations come by way of public comments on the TSA’s PreCheck biometric pre-screening program for travelers, with the TSA currently planning to expand enrollment options to include fingerprint, face, and iris biometrics, in addition to standard biographic information.
EPIC flags the TSA’s practice of sharing passengers’ biometric data with the FBI and DHS, asserting that it will then be held in those organizations’ databases “for decades beyond what is necessary for the stated purpose of collection,” adding that information kept in the latter’s IDENT database can be accessed by international agencies. In addition to potential privacy violations in such practices, EPIC argues that citizens’ biometric data is exposed to security risks when stored in government databases, citing a recent GAO report entitled “Federal Agencies Need to Better Protect Sensitive Data” in arguing that most government agencies have inadequate security measures in place against potential hack attacks and other threats.
EPIC also argues that PreCheck participants should have more control over how their biometric data is used and stored, arguing that keeping passenger data only for as long as it’s needed to enable PreCheck participation would not frustrate the overall aim of the program.
EPIC’s comments arrive not just as the TSA seeks to expand the biometric capabilities, but as border authorities and travel operators experiment with biometric passenger screening more broadly.
July 10, 2017 – by Alex Perala