[“Secure Flight” process flow used by the TSA for airline passengers and being tested on Amtrak passengers. The red box at right center is the “black box” for algorithmic profiling, blacklist/blocklist enforcement, and fly/no-fly decision making.]

Amtrak has reportedly given the Transportation Security Administration several months of  archives of Amtrak passenger reservations and frequent rider profiles. At Amtrak’s request, the TSA has used these records to test the TSA’s ability to extend to Amtrak passengers the ID-based profiling and blacklisting algorithms the TSA already applies to air travelers.

If you aren’t allowed to travel by air, the right to travel by train is critical. And while all common carriers have an obligation to transport all would-be passengers, Amtrak as a government agency should be most strictly held to that obligation.

The plans to run a batch of historical Amtrak reservations through the TSA’s “threat assessment” black box were disclosed in a Privacy Impact Assessment (PIA) quietly posted on the Department of Homeland Security website last December, and first noted in a news report by Mark Albert of Hearst Television earlier this week.

The PIA posted by the TSA in December 2021 said that Amtrak would give notice of the batch transfer of reservation archives to the TSA through an update to Amtrak’s privacy policy. That policy was last updated in November 2021, and doesn’t mention data sharing with the TSA. But a follow-up report today by Hearst Television quotes the TSA as saying that, “The collection of data and analysis has already occurred,” without the promised notice in Amtrak’s privacy policy.

What will this TSA’s test of Amtrak passenger profiling reveal? Of course some of the people who aren’t allowed to travel by air travel by train or bus instead. Amtrak and Greyhound are the long-distance carriers of last resort for undocumented and blacklisted travelers. So it’s to be expected that the TSA will find a disproportionate percentage of the people it has blacklisted from air travel on Amtrak passenger manifests.

Even more people will be forced to take Amtrak or Greyhound instead of flying if the TSA — as it has threatened — starts preventing people from flying if they don’t have, or don’t show, any ID, or ID the TSA deems to be compliant ID with the REAL-ID Act.

Does this mean that would-be terrorists are riding Amtrak trains? No. It means only that people blacklisted from air travel are riding trains. So far as we know, there have been no terrorist attacks on Amtrak trains. The false positives generated by the TSA’s “threat assessment” algorithms and precogs are evidence of what’s wrong with predictive profiling and why the right to travel by common carrier is so important.

The TSA and DHS have long wanted to extend their prior restraint of travel from airline passengers to all modes of travel including  trains and buses, but have lacked any legal basis to do so. Amtrak’s sharing of reservation  data with the DHS, even for passengers on international trains, has been represented as a “voluntary” action by Amtrak.

In the absence of any notice from Amtrak, it’s unclear what Amtrak claims as the legal basis for the recent “test” of TSA profiling of passengers on domestic Amtrak trains.

It’s no surprise to us that Amtrak is disregarding promises and legal requirements for transparency about its collection and use of passengers’ personal information.

Amtrak appears to be subject to the Paperwork Reduction Act (PRA), which requires advance notices in the Federal Register, opportunities for public comment, approval by the Office of Management and Budget, and posting of notices wherever information is collected by Federal agencies. But so far as we can tell, Amtrak has never complied with any of the requirements of the PRA.

While the language of the PRA is clear — it applies to any US Federal “government controlled corporation” — there is not yet any case law applying the PRA to Amtrak.

The PIA from the TSA says, disingenuously, that the PRA does not apply to the use of Amtrak reservation records by the TSA, because the TSA did not collect the reservation data. But that begs the question of whether the PRA applies to Amtrak’s original collection of personal information from passengers — which we think it clearly does.

Amtrak has recently begun telling travelers who purchase tickets through the Amtrak website that they are “required” to provide their date of birth. Presumably, the reason for this new information demand is to enable profiling and blacklisting of Amtrak passengers by the TSA. Amtrak has had less success enforcing information collection requirements when tickets are purchased at staffed stations or on trains. Many front-line employees throughout the Amtrak system have, to their immense credit, quietly ignored orders (see pages 211-214) to collaborate in police surveillance of their customers, and routinely sell tickets and board passengers without demanding IDs or other information.

Amtrak’s responses to some of our Freedom Of Information Act requests show the effort Amtrak and the computerized reservation systems that travel agents use to make Amtrak reservations had to go through when Amtrak began collecting this sort of identifying information about passengers on its international trains in 2005, and making that information available to US Customs and Border Protection (CBP).  Now it appears that Amtrak is trying to expand this DHS surveillance and control of passengers to its much larger number of domestic trains.

But no legal basis is stated for this “requirement”. In the absence of an OMB control number or PRA notice for an information collection by Amtrak, the PRA may provide a legal defense for a  passenger who declines to answer questions.

Amtrak also appears to have ignored other countries’ laws applicable to personal information collected when Amtrak tickets are purchased from abroad. For example, Amtrak operates trains between the US and Canada jointly with VIA Rail Canada, and since 2005 has given CBP access to all reservations for passengers on those trains. Amtrak sells tickets in Canada through VIA Rail and Canadian travel agents.

Despite all this, Amtrak’s interline agreement with VIA Rail, released in response to one of our FOIA requests, does not mention privacy, data protection, or the applicable Canadian “Personal Information Protection and Electronic Documents Act” (PIPEDA). And in its response to another of our FOIA requests, Amtrak claimed to be unable to find any policies, records, or email messages even mentioning PIPEDA. It appears that Amtrak has assumed that, as a US entity, it can operate in Canada while ignoring Canadian privacy law.

Amtrak is subject to FOIA, and we are continuing to seek information through FOIA requests about Amtrak’s passenger surveillance and collaboration with DHS and law enforcement agencies. We’ve had multiple FOIA requests pending with Amtrak for years, including requests for Amtrak data sharing agreements and any records related to the the legal basis for Amtrak’s privacy policy.

Amtrak’s main FOIA office released no records to anyone during Fiscal Year 2021, and Amtrak hasn’t provided even partial responses to any  of our pending FOIA requests for more than two years.  Amtrak appears to be among those Federal agencies that have used the COVID-19 pandemic as an excuse to suspend all FOIA compliance, even when the requested records are stored electronically and should be accessible remotely.

We haven’t abandoned our FOIA requests or our investigation and reporting on Amtrak’s practices. We welcome tips from Amtrak passengers, staff, or contractors.