What is required by the Secure Flight regulations that wasn’t required before?

(1) You have to give the airline or travel agency your name, data of birth, and gender, all exactly matching your ID, before you can make a reservation for any flight.

(2) The airline has to send that information, and various other data from your reservation and personal profile, to the TSA, 72 hours before each flight (or as soon as you make a reservation, whichever comes first).

(3) Unless the TSA sends the airline a message that you are “cleared”, you can’t fly. The airline is forbidden to give you a boarding pass or let you on a plane unless the government has sent the airline an individualized, per-passenger, per-flight Boarding Pass Printing Result (BPPR) message.

(4) You have to show your ID to the airline whenever the TSA tells them to ask you for it. If you can’t or won’t show the airline your ID, you can’t fly.

(Secure Flight is used for doemstic flights within the US. See our separate FAQ and this presentation for more on the the systems used for international flights to and from the US.)

Before Secure Flight, how did airlines and the government decide who was allowed to fly?

Many different government agencies secretly “nominate” people for inclusion on various blacklists (“watchlists”), including the air travel “selectee” list and the “no-fly” list. The FBI’s Terrorist Screening Center reviews (in secret) any derogatory information provided by the nominating agency, and decides (in secret) which names to put on those lists. Before Secure Flight, the TSA continuously transmitted these blacklists to the airlines, who checked the names in passenger reservations against the names on the lists. If the airline came up with a possible match with the “selectee” list, they flagged the boarding pass so that passenger would be subjected to more intrusive “secondary” search. If the airline found a possible match with the “no-fly” list, they wouldn’t issue a boarding pass or let the passenger on the plane, and would give the TSA a call in an attempt to verify whether the passenger in question was actually the person identified on the list and to to get instructions from the TSA as to what to do.

How did this process change under Secure Flight?

The no-fly and selectee lists are created and maintained the same way they were before, by the same agencies, with the same secrecy and lack of due process or judicial review. But instead of sending these lists to the airlines, the TSA now requires airlines to collect and transmit identifying and itinerary data on each domestic US airline passenger to the TSA prior to each flight. This data, called the Secure Flight Passenger Data (“SFPD”), is collected by travel agencies, tour operators, cruise lines, and other intermediaries, and includes your name, gender, date of birth, which flight(s) on which airline(s) you plan to take, and your TSA “redress number” if you have previously complained to the TSA that you were improperly prevented from flying. The TSA combines the SFPD with their blacklists and other data and secret criteria and decides whether to authorize the airline to issue a boarding pass, which is needed to get through security where ID is required. The TSA can also order the airline to demand the passenger show ID to the airline to try to verify the passenger’s identity, contact the police, or take other action.

What are the blacklists (“watch lists”)?

The blacklists (“watch lists”) are secret lists of people deemed to dangerous to fly, yet apparently not so dangerous as to require the issuance of a warrant for their arrest. Air travel blacklists/watchlists include the “No-Fly” and “Selectee” lists. The TSA has admitted that these lists are intended not only to promote the safety of air transportation, but also to disrupt the functionality of “terrorists” organizations by inhibiting their mobility. There is no due process mechanism for being placed on or taken off these lists. It is done entirely in secret, and in doing so ignores the protections afforded by the Bill of Rights against government tyranny. Whatever benefit they provide is greatly outweighed by the danger for abuse they present.

Don’t I have a right to travel?

The Identity Project thinks you do, but the TSA disagrees. Here is what DHS had to say about it in their Secure Flight final rule:

Comment: Many commenters argued that the Secure Flight program is unconstitutional and infringes on an individual’s freedom of movement, assembly, and right to travel. A commenter also argued that the Secure Flight program violates Article 12 of the International Covenant on Civil and Political Rights (ICCPR) because it restricts ‘‘liberty of movement.’’

TSA Response: TSA disagrees with the comments. The Government may place reasonable restrictions on the right to travel in order to protect compelling interests; in this case, transportation and national security. The Secure Flight program does not deny individuals their right to travel or other constitutional rights. Courts have consistently held that travelers do not have a constitutional right to travel by a single mode or the most convenient form of travel. The Secure Flight program would only regulate one mode of travel (aviation) and would not impose any restriction on other modes of travel. Thus, Secure Flight does not unlawfully infringe or restrict individuals’ freedom of movement or assembly. Also, the Secure Flight regulations are reasonable and are not onerous or unduly burdensome to individuals.

Additionally, Article 12 of the ICCPR does not apply to laws that are necessary to protect national security. Because the purpose of the Secure Flight program is to protect national security, Article 12 would not apply even if the Secure Flight program did somehow restrict liberty of movement.

To many, travel by aviation is the only mode available to them. IDP believes that the restrictions are unreasonable, do not make us safer, and to say the right to travel can only be violated when all forms of travel are affected is disingenuous. Using TSA logic, the right to travel could only be violated if all forms of travel are subject to ID requirements.

What data other than the SFPD is sent by the airlines to TSA pursuant to Secure Flight?

A substantial amount of commercial airline data on each passenger’s travel is also transmitted to the TSA as part of the SFPD. This commercial data includes itinerary information which itself includes the departure airport code; aircraft operator; departure date; departure time; arrival date; scheduled arrival time; arrival airport code; flight number; and operating carrier. Other information transmitted by the airline to the TSA includes the reservation control number; record sequence number; record type; passenger update indicator; traveler reference number; and the passenger’s passport information if collected by the airline or already known to the airline (from a previous flight or frequent flyer profile, for example).

TSA says that it doesn’t collect or use commercial data to conduct Secure Flight “watch list” matching. Is that true?

No, that’s not true. Secure Flight is based on using commercial data from airline reservations and airlines’ profiles of their passengers as the basis for government decisions of who to allow to fly, and who not to allow to fly. Just because the data used by TSA in Secure Flight comes from the airlines, it does not mean it’s not commercial data.

Does Secure Flight use data mining?

Yes. First, airline reservations and passenger profiles are mined to extract the Secure Flight Passenger Data (“SFPD”). Second, the substantial amount of additional commercial data communicated by the airlines to the TSA is used in TSA’s data analysis methodology. What algorithms the TSA uses to conduct their data mining is unknown. Such data mining has been explicitly forbidden by Congress.

Does Secure Flight assign risk scores to travelers?

Yes. Every would-be passenger is assigned a risk score of either “cleared”, “inhibited”, or “not cleared.” This is presumably the same as the risk scores of “green”, “yellow”, and “red” rejected under the defunct CAPPS II program. The assignment of risk scores to airline passengers, except to people who are actually on watch lists, has been explicitly forbidden by Congress.

What does it mean to be placed in the “inhibited” category?

To be “inhibited” in “TSA speak” means that TSA suspects that you might be the person on their watch list, and further information as to your identity is necessary to confirm or deny that suspicion. An airline may not issue a boarding pass to an “inhibited” individual. Unless you can further prove your identity to show you are not the supposedly-bad person on the secret list, you’re not going to be allowed to fly.

How much has Secure Flight cost?

Billions of dollars. The TSA said Secure Flight would cost at least $2 billion, but airlines and travel agencies said it would probably cost much more than that. And that’s on top of several billion dollars that the TSA, airlines, computerized reservation system (CRSs) and travel agencies had already spent before Secure Flight to modify their databases, collect additional information from and about travelers, and give the TSA access to their reservation systems. According to the International Air Transport Association (IATA), Secure Flight would “force airlines … to change the way they operate, and how they interact with passengers, other airlines and travel agents. As a result, the industry faces complex system changes in order to meet the DHS duplicative data requirements at growing costs for the airlines and their passengers.”

Why does Secure Flight cost so much?

Tens of thousands of pieces of software that are used to collect, transmit, store, and process reservations have had to be changed. Before Secure Flight, there were no standards for storing or transmitting birth date or gender in airline reservations. First the industry had to develop and agree on new standards to include this in the “ATA/IATA Reservations Interline Message Procedures-Passenger” (AIRIMP) protocol. Changes to the AIRIMP take years. Then each airline or computerized reservation system (CRS) had to add these fields to their databases, and add new commands, responses, and messages to all their interfaces and APIs to handle this new data. Only then could travel agencies (both online and offline) and other intermediaries, including every Web site that sells airline tickets, begin to use those new command formats and APIs to modify their scripts, procedures, and automation software to collect this new data. Meanwhile, airlines had to develop and implement real-time systems to extract the “Secure Flight Passenger Data” (SFPD) from Passenger Name Records (PNRs), send the SFPD to the TSA, and inhibit boarding pass issuance unless and until the TSA sends back a “cleared” message for each would-be passenger.

Who has to pay for Secure Flight?

You do, through higher taxes, higher security fees on tickets, and higher fares.

How long did Secure Flight take to implement?

We don’t know. Airlines and travel agencies said that the TSA’s original 3-month timetable was impossible. Some travel companies said it would take at least 6 months. Others said it would take a year or more. In practice, it took many years, but the deployment schedule was kept secret.

When did the Secure Flight regulations go into effect?

The new regulations took effect December 29, 2008. From that day onward, airlines have had to comply with any TSA orders for Secure Flight for all domestic US flights.

When did the TSA give airlines those orders?

We don’t know. TSA orders to the airlines will be given in secret “Security Directives” and orders approving “Aircraft Operator Implementation Plans”. All of these are considered “Sensitive Security Information” and are kept secret from the public. The TSA said they expected to give the first airline its orders to start collecting information, sending it to the TSA, and refusing passage to anyone except those the TSA “clears”, sometime early in 2009.

Which airline(s) were first to participate in Secure Flight?

We don’t know. The only clue was when they started demanding birth date and gender from all their passengers.

If the airline tells me something is required by the TSA, how can I tell if that is true?

You can’t. TSA orders are given to airlines in secret. The TSA has provided no way to verify what those secret orders really require. TSA signs about ID requirements at airports and on the TSA website contradict what the TSA has said in court when those requirements have been challenged. And the TSA has said it might “create public confusion” for people to read their press releases.

If someone demands to look at my ID, how can I tell if I am really required to show it to them?

You can’t. The TSA has provided no way to verify who is really acting on their orders or authority.

What if I don’t have a government-issued photo ID?

You can’t fly unless the TSA decides to give you permission, which they could revoke at any time, even in the middle of your trip

What if I don’t qualify for a government ID card?

You can’t fly unless the TSA decides to give you permission, which they could revoke at any time, even in the middle of your trip.

What if my ID was lost or stolen?

You can’t fly unless the TSA decides to give you permission, which they could revoke at any time, even in the middle of your trip.

What if I have only a temporary ID without a photo, while I’m waiting for a new or replacement photo ID?

You can’t fly unless the TSA decides to give you permission, which they could revoke at any time, even in the middle of your trip.

If I give the airline or travel agency my birth date and gender, and have government-issued photo ID, will I be allowed to fly?

Not unless the TSA sends the airline a message that you are “cleared” for a specific flight.

Is this “clearance” be denied only for people who are on a “watch list”?

No. There is no language in the Secure Flight regulations that requires that people who aren’t on “watch lists” be allowed to fly.

If I’m not on a “watch list”, will I be allowed to fly?

Not unless the TSA gives the airline permission to transport you on a specific flight.

What do I have to do to get permission to fly?

You have to give your full name, gender, and date of birth, all matching your government-issued ID. 72 hours before your flight (or as soon as you make a reservation, whichever comes first), the airline sends your information to the TSA. If the TSA gives you permission to fly, they send a “cleared” message to the airline.

What if the airline doesn’t get any answer from the TSA?

You won’t be allowed to fly.

So the TSA only gets part of the information in my reservation?

The TSA says that only your only your name, gender, date of birth, flight details, reservation “record locator”, and passport information (if the airline has it in your reservation, or in a stored profile from a frequent flyer program, registration on their website, or previous flight), is “normally” transferred by an airline to TSA. But if the TSA wants it, they can use the record locator to pull the entire Passenger Name Record (PNR). That shows who you are traveling with, if you asked for a kosher or halal meal, how many beds you asked for if you booked a hotel in the same reservation, etc.

Will I know if the TSA has asked the airline for my complete PNR or additional information about me?

Not without making a request under the Privacy Act for your records from the TSA. They might not tell you even then, but you can try. The TSA has categorized most Secure Flight records as “Sensitive Security Information” and has tried to exempt them from the Privacy Act. And even if the TSA has looked at your data, they might no longer have copy in their records by the time they responded to your Privacy Act request (even though the airline would still have a copy, and the TSA could retrieve it again at any time).

Are airlines and other travel companies allowed to keep my information?

Yes. Under US law, your information belongs to these travel companies, even if you provide it only because the government makes you. The “Secure Flight” regulations require you to provide youtr name, date of birth, and gender to the airlines, but impose no restrictions whatsoever on how airlines can retain, use, or share this information. Airlines and computerized reservations systems can (and probably will, since storage is cheap and they can probably find ways to monetize the information about you) keep your records forever, use them, sell them, or send them to other countries. They don’t have to get your permission, tell you what they have in your permanent file, or tell you what they have done with it. And the government can get this information from them at any time, in secret, by using a “National Security Letter”.

Who decides whether to give me permission to fly?

That’s for them to know and you not to find out. The regulations don’t say.

How do they decide whether to give me permission to fly?

That’s for them to know, and you not to find out. The regulations don’t say.

Are there any rules they have to follow when they decide whether to let me fly?

No, there are no rules or standards, at least none that they have made public or included in the Secure Flight regulations.

Will I have a hearing? Will I see the evidence against me? Will I be able to have a lawyer?

No. It will all be decided in secret, without you.

If the airline doesn’t get permission for me to travel, will they tell me?

No. Even if the airline finds out 3 days before the flight, you won’t find out until you get to the airport. The airline might tell you that you can’t print your boarding pass at home, but that doesn’t necessarily mean you won’t be allowed to travel.

How can I tell in advance if I’ll be allowed to fly?

You can’t.

If I’m allowed on one flight, does that mean I’m OK for my whole trip?

No. You could get on your first flight, but not be allowed to get on a connecting flight. Or you could get to your destination, and not be allowed to come home.

If the TSA won’t let me fly, will they tell me why?


Will the airline tell me why I’m not allowed to fly?

No. The airline probably won’t know the reason (if there is a reason), and won’t be allowed to tell you even if they do know.

If I’m not allowed to fly, will I get a refund?

Maybe. That depends on the rules in the airline’s conditions of carriage. Some airlines will give you a refund, but only if you agree not to sue them for any other damages.

What can I do if I’m not allowed to fly?

You can appeal to the same people who made the original decision. They will consider your “redress” request the same way they made their initial decision: in secret. You won’t have a hearing, you won’t know who or what agency “nominated” you for a watchlist or travel restriction, and you won’t see the evidence (if any) against you. They won’t tell you what, if anything, they have decided, when, or why. The only way to find out if they have changed their decision will be to buy another ticket, and try to fly again.

How long will this “redress” process take?

They can take as long as they like. Just keep trying to fly, and maybe someday you will find out that you are allowed to fly again. But even if that happens, you might be stopped once again at any time.

Don’t I have a right to a hearing before a judge?

The DHS doesn’t think so. We’ll find out what the courts will rule when people challenge these rules. Dr. Rahinah Ibrahim, for example, was a graduate student in the U.S. with a valid visa but was arrested when she tried to get on a flight home. She was the first person to get a trail in Federal court on why she wasn’t allowed to fly. Secretary of Homeland Security Chertoff used to be a Federal judge. But now he says he doesn’t believe in judicial review of his agency’s decisions: “Mr. Secretary, … Why not give the American citizen his day in court to contest the proposed action of your department?… Secretary Chertoff: [W]e judge through an inter-agency process whether someone ought to be put on the no-fly list. And the list is then transmitted to the airlines and winds up then being a basis to deny people…. But we don’t conduct court hearings on this…. But if you are asking if we would do a court process where we litigate it, I mean, that effectively would shut it down.”