Homeland Security's chief privacy officer Hugo Teufel III told reporters in Paris that the U.S. will soften its stance on some portions of a contentious E.U.-U.S. agreement about passenger data sent to the U.S. for terrorism screening programs.
"I believe that there will very likely be increased privacy protections with respect to the [Passenger Name Record] data," Teufel said on Thursday according to IDG's James Niccolai.
That's a stark about-face for the U.S. since just last fall DHS Assistant Secretary Stewart Baker told the E.U. that earlier provisions limiting how the U.S. could share the data were now moot, that it could add more data elements to its request unilaterally, and that it planned to push to keep the data for longer than the 3.5 years it originally agreed to. The original agreement (.pdf) allowed the government to hold onto the data for 3.5 years, but since the 2004 agreement was supposed to be revisited in 2007, the U.S. has never destroyed any E.U. traveler data.
DHS uses the data to screen passengers against the no-fly list and through its controversial Automated Targeting System, which rates all incoming and outgoing passengers terrorism risk The data sent to DHS includes cell phone numbers, credit card numbers, home addresses, names of travel companions, travel agent's name, meal preferences, frequent flier information and medical conditions.
It's not clear if Teufel is actually speaking for the U.S. delegation that is now in discussions with the E.U. His assertions about the U.S, position are contradicted by the U.K.'s House of Lords recent scathing report on the discussions (which they aren't a part of, since this is basically U.S. executive branch to E.U. executive branch talks.) Teufel was also quoted as saying that to his knowledge the U.S. did not collect credit card information.
His knowledge is clearly lacking since credit card numbers are most certainly kept and cross-referenced. They are item number 7 on the list of 34.Teufel likewise was quoted as saying the U.S. never identifies a person's religon using the special fields information, which can include food preferences such as Halal or Kosher. That's likely not the full truth since DHS gets that information but isn't allowed to look at things like meal preferences or special requests unless they already suspect the person of something.
In related news, Chertoff and Teufel separately said DHS is thinking about requiring European travelers to the U.S. to fill out an online questionnaire 48 hours before taking off. In totally unrelated news, Voice of America reports that travel is down to the United States despite a favorable exchange rate.
As for Americans' travel data, there's no restrictiion on the fields and the data is kept for decades.
I've asked Teufel to clarify and THREAT LEVEL hope to hear from him soon.
UPDATE: DHS spokesman Larry Orluskie said that Teufel is currently traveling back to the U.S. and will clarify with him things with him on Monday. He also suggest thre may be some "confusion as to what Teufel said" in press reports.
Photo: Rock Cohen
