Aug 11 2020

TSA considers new system for flyers without ID

According to a solicitation to potential contractors published last week, the Transportation Security Administration (TSA) wants to outsource its current questioning of airline passengers without ID, and its decisions about which travelers without ID to allow to travel and which to prevent from flying, to a fee-based system operated through a cellphone app provided by a private contractor and based on (secret) commercial databases.

There’s some good news and some bad news in the TSA’s posting of this Request for Information.

First, the good news:

1. The TSA admits that people can and do fly without ID.

According to the TSA’s Request for Information:

Prior to the COVID-19 National Emergency, TSA encountered over 2.5 million passengers a day and, on average, 600 instances of passengers without acceptable ID. These individuals are able to verify their identity via telephone through our National Transportation Vetting Center (NTVC).

That’s almost three times the average daily number of airline travelers without ID disclosed in the most recent of the TSA’s belated and still-incomplete responses to our Freedom of Information Act (FOIA) requests for records of travelers without ID.

2. You will still be able to fly without ID, even after the TSA “implements” and “enforces” the REAL-ID Act.

In their most recent notice of postponement of their REAL-ID threats, the TSA and the Department of Homeland Security (DHS) have said that they plan to fully implement and enforce the REAL-ID Act, with respect to airline travel, beginning October 1, 2021.

The TSA and DHS have repeatedly claimed that after that date, all air travelers will “need” to show ID that the DHS deems compliant with the REAL-ID Act in order to fly. And the TSA has previously indicated — in 2016 and again in May of 2020 —  that it intended to modify its current ID verification procedures to (illegally) deny passage through TSA checkpoints to would-be travelers who don’t present REAL-ID Act compliant ID cards.

But the TSA is now soliciting information preparatory to soliciting bids for a contract to provide outsourced “identity verification” services for air travelers without ID.

The TSA wouldn’t be preparing to solicit bids for a system to deal with air travelers without ID if the TSA planned, in a little more than a year, to stop allowing those people to fly at all.

And the TSA says that the contractor’s ID verification system for flyers without ID must “be able to process thousands of transactions per hour per day [sic] distributed across the TSA enterprise of airports.”  Whether the TSA means “thousands per hour” or “thousands per day”, that’s several times more than the current number of travelers without acceptable ID.

The only plausible explanation for the expected many-fold increase in the number of travelers without acceptable ID is that the TSA’s implementation of the REAL-ACT will result in many more air travelers’ ID’s being deemed unacceptable, and that the outsourced system is the one the TSA plans to use for travelers without REAL-ID compliant ID.

The TSA is looking for a new system for dealing with travelers without ID only because it has been forced to abandon its original plan to prevent all such people from flying.

The most important takeaway from the TSA’s latest notice is that the TSA is (still) lying about what REAL-ID Act enforcement and implementation will mean. You will not need a compliant ID to fly. The procedures may change, but you will still be able to fly without ID.

This is a major victory for our legal objections and for the potential of popular resistance.

The TSA has implicitly acknowledged that — either because it lacks legal authority to prevent everyone without “acceptable” or REAL-ID Act compliant ID from flying, or because doing so would cause riots at airports or other forms of popular resistance, or both — it  won’t be able to stop travelers without ID or without compliant ID from flying.

The bad news is the nature of the TSA’s contemplated new procedures for flyers without ID (or without “acceptable” ID).

Currently, the TSA leaves the final decision on whether or not to allow airline passengers without ID to pass through TSA or contractor-operated checkpoints to the discretion of the Federal Security Director (FSD) or their designee on duty at the individual airport.

That decision can be based on what the FSD thinks of the traveler’s looks, the nature of any “unacceptable” ID they present, whether they are willing to complete and sign the illegal TSA Form 415, and their responses to questions relayed via the TSA’s Identity Verification Call Center (IVCC) from the TSA National Transportation Vetting Center (NTVC) based on information in records about the traveler held by the commercial data broker Accurint.

The new process apparently being considered by the TSA would outsource the questioning of travelers without ID or with unacceptable ID to a private for-profit contractor, with that questioning to be administered through a smartphone app. The questions would be based on some aggregation of government and commercial data, and the answers would be assessed according to some secret algorithm to generate a binary pass or fail result.

An identity thief (or ‘bot) with access to the commercial database used as the basis for “pass/fail” determinations would be better able to answer questions about the information in that database than would a real person who is unprepared for this questioning and who has no way to know (or to correct) what misinformation is contained in the database.

A traveler who shows up at a TSA checkpoint would, it appears, be told they have to install the mobile app, pay a fee through the app (which presumably would require a credit or debit card or bank account),  complete the in-app questioning, and show a “pass” result from the app to the TSA staff or contractors in order to “complete screening” and proceed through the checkpoint.

  • No cellphone? No fly. (We’ve seen this already in Hawaii.)
  • Your cellphone isn’t a smartphone? No fly.
  • Your smartphone has a different OS that can’t run the contractor’s app? No fly.
  • No charge in your cellphone battery? No fly.
  • No signal in the airport? No fly.
  • No credit or debit card? No fly.
  • Don’t know what misinformation is in data brokers’ records about you? No fly.
  • Your record fits a “fail” profile in the contractor’s secret algorithms? No fly.

Read More