May 01 2009

“Secure Flight” data formats added to the AIRIMP

Amendments to the ATA/IATA Reservations Interline Message Procedures – Passenger (AIRIMP) take effect today, providing the first industry standard formats that airlines, travel agencies, and computerized reservation systems (CRSs) can use to transmit the additional information about travelers and prospective travelers newly required by the TSA for its Secure Flight airline passenger “screening” (surveillance and control) system.

What does this mean about the status of Secure Flight — especially in light of the TSA press release last month that claimed to “announce … the implementation of the Secure Flight program”?  Has Secure Flight been implemented?  And if it hasn’t been yet, when will it be?

Secure Flight is a complicated scheme, the implementation of which will require major new systems and major changes to existing ones, both for the TSA and for the air travel industry.

What was announced last month by the TSA, and the changes in the AIRIMP which take effect today, are two almost entirely separate, equally essential, but only partial steps toward Secure Flight implementation.

Despite last month’s misleading TSA press release, Secure Flight implementation is still in the very early stages.  Much money already has been spent (and wasted) on compliance with unfunded Secure Flight mandates for IT infrastructure changes, but at least another billion dollars will need to be spent on at least another year of work by airlines, travel agencies, intermediaries, and their software developers and IT services providers before Secure Flight actually takes the final form contemplated by the TSA’s regulations.

That means that there is still time for the Obama Administration to order the TSA to withdraw the Secure Flight regulations, or for Congress to pass a law directing them to do so (and explicitly revoking any claimed statutory authority for Secure Flight), before more money is wasted and, more importantly, before most airlines start having to ask the government for permission before allowing us to board flights within the U.S.

Despite the broad statement in the TSA press release about Secure Flight “implementation”, all that was actually claimed was that, “To date TSA has assumed the watch list matching responsibility for passengers on domestic commercial flights with four volunteer aircraft operators.”

The TSA doesn’t say that these “aircraft operators” are scheduled airlines. More likely they are small charter operators.  The TSA doesn’t say that these operators are collecting or providing any of the additional information about passengers that will eventually be required, or that they are providing information or receiving “cleared/inhibited/not cleared” responses by any automated means. Small aircraft operators have performed watchlist matching by manually checking each name on the manifest against pages of printouts of TSA watchlists, and have communicated with the TSA (if necessary) by phone.

So while the TSA press release makes it sounds as though all of the technological problems Secure Flight critics have been solved already, and the infrastructure put in place across the industry, all last month’s announcement really means is that a few very small charter operators, with a handful of passengers a day, have been told to call the TSA before each flight, read the TSA the names on the manifest, and wait for verbal “clarance” from the TSA before allowing them to board, rather than looking those names up in a printed list of names on the “selectee” and “no-fly” lists.

That says nothing about the technical or practical feasibility the new data collection mandates, the new fly/no-fly decision-making algorithms and business and operating procedures, or the automation that will be needed for implementation with larger airlines and those which receive reservations through CRSs from travel agencies and other airlines worldwide.

Today’s changes to the AIRIMP, while essential for the eventual implementation of Secure Flight as the TSA now envisions it, are only the first of many technical steps that will be needed if that is to happen.

Airlines and other companies that deal with airline reservations didn’t know what data the TSA would require for Secure Flight, when, or in what format, until the final regulations were published in October 2008.  The industry governing board for the AIRIMP adopted new specifications for transmission of this newly-defined “Secure Flight Passenger Data” by an emergency mail vote in March, according to the airline association IATA which functions as the AIRIMP secretariat.  That’s extraordinarily fast action by such a global standards setting body, especially given the reluctance of airlines outside the USA to be forced to modify global standards to comply with a unilateral U.S. government mandate.  It was probably possible only because the AIRIMP is purely an industry standard, rather than a standard set by a slower-acting inter-governmental organization like ICAO.  The new standards are “voluntary”, meaning that IATA and ATA don’t require them to be used, although the U.S. or other governments might require them.  In the case of the U.S., that would probably happen through specifications in secret orders to airlines.

Twice before, in 2004 and 2006, the AIRIMP has been modified to add support for government-required APIS identification data. This year, however, was the first time that the TSA was directly involved in meeting with the AIRIMP board to draft new standards. Although everyone in the industry knew that the kinds of changes proposed by the TSA in Secure Flight would have to start with the AIRIMP, the TSA was slow to recognize this fact or its implications.

Sabre, the CRS which submitted the most detailed comments on the earlier proposed Secure Flight Rules, had pointed to the need for amendments to the AIRIMP as one of the reasons why it would be impossible to meet the TSA’s projected implementation deadlines.  Sabre recommended that the TSA not issue a final Secure Flight rule until after the AIRIMP had been amended to incorporate the TSA’s specifications for what data it would require.

But the AIRIMP is only a messaging protocol, and establishing standards doesn’t mean that any real world technical or business systems have yet implemented those standards. Sabre’s comments anticipated some of what will have to be done next:

Implementation is more complex than contemplated by the NPRM

…Forcing travel reservation agents to be the initial collection point for Secure Flight data elements will require travel agents to alter their existing electronic and manual collection systems. The NPRM [Notice of Proposed Rulemaking] is completely silent on who will pay the costs associated with documentation, training and software implementations for graphical interfaces, customer profiles, mid-office reporting, quality control scripting, and negative call center impacts… The NPRM merely estimates the total “burden” of the new regulatory scheme – a number that appears to have no discernable basis in how the travel industry works today.

How long will it take for the air travel industry and their IT vendors to make these changes?

CRSs rushed, with almost unprecedented speed (and probably starting even before the AIRIMP amendments were formally approved), to add the newly required information to their core databases, messaging, and command-line interface formats for entering Secure Flight Passenger Data in Passenger Name Records (PNRs). Some of the major CRSs have already rolled out new command-line formats to travel agencies for some categories of Secure Flight Passenger Data, while others expect to do so this month or within the next few months.

But each major CRS has several types of command line and graphical user interfaces for travel agents and airline staff, as well as one or more APIs called by other subscriber software or middleware, such as the booking engines and other programs that sit between users of online travel agency websites and the CRSs.  Secure Flight data entry formats are being implemeneds first in the airline and agency command-line interfaces, followed by APIs and GUIs.

Implementation across all CRS interfaces could take until March 31, 2010 (the date when the CRSs say the TSA wants them to be able to start transmitting Secure Flight data to the TSA), according to the latest information provided to subscribers by the CRSs.

Once the CRSs provide their subscribers with updated user interfaces and APIs, travel agencies and other intermediaries (and third party developers and suppliers of middleware, scripting, website, and other business process automation software) can begin to work on modifying each layer of each of their systems to incorporate the collection, validation, and onward transmission, in the format required by the next layer (and ultimately by the AIRIMP, the TSA’s regulations, the TSA’s secret directives to each airline, and the airlines’ secretly submitted and secretly approved implementation plans) of each of the newly required data elements.  That’s what’s happening with now with hundreds of thousands of small and large pieces of software, from the layouts of webpages to data entry forms to booking engine packages to quality control scripts written in proprietary CRS codes by individual travel agents.

According to the CRS documents we’ve seen, the TSA wants all airlines to have in place the ability to accept the new Secure Flight data items (ID document type, gender, date of birth, “Redress Number”, and “Known Traveler Number”) by August 15, 2009 for domestic flights within the U.S., and by October 31, 2009 for international flights to, from, via, or overflying the U.S.

However, airlines won’t actually start requiring this data from travel agencies, or sending it to the TSA, until considerably later.  Presumably, that’s to allow time for travel agencies and intermediaries to make the necessary changes to their systems and procedures, for the TSA to get itself and its contractors ready to accept and deal with the data, and for the new data to be entered.  Because reservations can be made up to a year in advance, passengers will be showing up at airports without the new data in their PNRs as much as a year after Secure Flight data starts being entered in all newly-created PNRs.

The best guide to when the TSA actually intends to “implement” Secure Flight, in terms of when airlines will be orderd not to transport you without explicit prior TSA permission in the form of a “cleared” message, is the testimony to Congress of acting TSA administrator Gail Rossides on March 31, 2009:

TSA believes that the Secure Flight program will be able to assume responsibility for watch list matching of passengers for all domestic commercial flights by the end of the first quarter of calendar year 2010, and all international commercial flights by the end of calendar year 2010.

Even those dates hoped for by the TSA (March 31, 2010 for domestic flights, and December 31, 2010 for replacing or merging with the current APIS permision system for international flights) are contingent on one further legal condition: The TSA is forbidden by Federal law from spending any money for “deployment or implementation, on other than a test basis, of … Secure Flight” until the GAO certifies that it has satisfied a series of tests established by Congress.  In the meantime, “During the testing phase … no information gathered from passengers, foreign or domestic air carriers, or reservation systems may be used to screen aviation passengers, or delay or deny boarding to such passengers, except in instances where passenger names are matched to a government watch list.”

The GAO has not yet given the required certification, and Secure Flight is unlikely ever to satisfy the statutory tests. In signing these laws, President Bush stated that his administration would not consider it bound by the requirement for GAO certification. The Obama administration has yet to comment on whether it will respect the law, or will take the position expressed by the previous administration, in this or other similar signing statements.

17 thoughts on ““Secure Flight” data formats added to the AIRIMP

  1. “Secure Flight” data formats added to the AIRIMP

    This item begins “Amendments … take effect today” There is no date. When is today? Thanks.

  2. An article in Management.Travel confirms many of these dates, based on information provided by travel agencies and CRSs, and gives more detail on the problems faced by travel companies: “‘It really was a surprise to me how complex and intricate’ the revised data collection process is, said Interactive Travel Services Association executive director Art Sackler. ‘We said [to TSA during the rulemaking process], “There’s much more here than meets the eye in terms of what has to be done to prepare for something like this, so we’ll need a good 270 days from the time it comes into effect,” and that’s what they gave us.’ … GDS firms have begun or soon will begin using modified processes agreed to by TSA and various industry participants. Meanwhile, many corporate travel agencies — from the largest mega travel management companies to smaller entities — have been working to adapt their agent scripts and booking tools to include required Secure Flight data collection, and their profile systems to help reconcile name discrepancies.”

  3. Pingback: Papers, Please! » Blog Archive » Air France passenger data and “no-fly” orders

  4. The USA has become a terrible place to live and work. Just terrible. Did I say terrible? I meant horrendous.

  5. There’s more from Travel Weekly in an article worth reading in its entirety. Some excerpts:

    This month, the U.S. Transportation Security Administration officially rolled out the first public phase of its Secure Flight program, which requires domestic airlines to start collecting more precise passenger name identification information. That, of course, means that travel agents, GDSs, online travel companies and myriad other links in the distribution chain must fall into compliance, though when and how are not really clear…. [T]he TSA isn’t actually checking yet — and it won’t be checking for a while, though no one is really sure how long a while might be….

    The airlines have staggered dates for compliance, depending on each carrier’s technological capabilities and on what arrangements it has worked out with the TSA….

    What the TSA and airlines are doing now essentially amounts to a dry run to find out what bugs need to be ironed out for the airlines and its distribution channels before the agency begins enforcing the data collecting and screening.

    “It’s my understanding that the completion of the project will be final for all channels by end of October-beginning of November 2010,” said Jim Martin, the North America product market manager for Amadeus. Martin coordinated the company’s efforts to meet the new security requirements for its GDS clients.

    That time frame is when it appears likely that the TSA will require the same data collection and transmission for international airlines, as well…. “I don’t think the TSA realized how many distribution channels the airlines have,” Martin said. “This was a bigger project from the outset than the TSA realized.”…

    The agency has taken knocks for having such rubber deadlines. In a report released last week, the U.S. Government Accountability Office said the TSA “schedule was more characteristic of a target deliverable plan than the work involved. … Moreover, likely program completion dates were not being driven by the schedule logic, but instead were being imposed by the program office in the form of target dates.”

  6. Pingback: Papers, Please! » Blog Archive » Today we’re all prisoners in the USA

  7. Pingback: Today we’re all prisoners in the USA « The Ruthless Truth blog

  8. Pingback: Today we’re all prisoners in the USA | Republic Broadcasting Network

  9. Pingback: Today We Are All Prisoners in the USA « The Vigilant Guardian

  10. Pingback: Today we’re all prisoners in the USA – Papers, Please! « Truth11

  11. It would have been much simpler to hold an honest 911 hearing where the real TRUTH came out than spend all this money on security. Let me get this straight–the government is keeping secret lists based on the lie of 911. We get to ask their permission to fly. They get to tell us if we are on their secret list. Wonder if they will station troops at the airport in further violation of our laws.

    Reasonable security and safety in flight is one thing. Allowing the government to build secret lists is very dangerous. Allowing the government to let you know if you’re cleared to fly is a dangerous sacrifice of liberty. Once again, no one consulted the American public. WE ARE THE GOVERNMENT in this country. I say a resounding NO to this ever increasing invasion of privacy and loss of freedom.

    Once again, this all traces back to 911, an inside job. The lie continues.

  12. Pingback: Papers, Please! » Blog Archive » “CAPPS IV”: TSA expands profiling of domestic US airline passengers

  13. Pingback: Papers, Please! » Blog Archive » Amtrak formats for passenger ID data dumps to governments

  14. Pingback: Government and industry collaborate in travel surveillance | Papers, Please!

  15. Pingback: Yes, the DHS wants mug shots of all air travelers | Papers, Please!

  16. Pingback: CBP proposes to require even more information from international air travelers – Papers, Please!

Leave a Reply

Your email address will not be published. Required fields are marked *