NYT – The Transportation Security Administration violated the federal Privacy Act by creating a database of aviation passenger records that merged airline records with commercial data in an improper way, government auditors said Friday.

The violation did not result in the inappropriate release of personal data or wrongly prevent anyone from boarding a plane, the Government Accountability Office report said.

But it still violated the law, the report said, because the database included biographical information on 43,000 passengers from private companies, contrary to the agency's promise not to collect and store commercial data. The database was used to test a new screening system known as Secure Flight that is due to be introduced by early next year.

The agency issued a revised Privacy Act declaration to make public the way it uses the data in testing Secure Flight. Such disclosures are required by the 1974 privacy law.

Secure Flight, as planned, should enhance the government's ability to find terrorists while reducing the frequency that passengers are delayed simply because a name is similar to that of a terror suspect on the watch list.

Security agency officials did not dispute the findings, but some in Congress called them disappointing because they followed a similar privacy violation in which airlines turned over passenger data to government contractors.

"Careless missteps such as this jeopardize the public trust and D.H.S.' ability to deploy a much-needed, new system," Senator Susan Collins, Republican of Maine, wrote on Friday to Secretary Michael Chertoff of the Department of Homeland Security.
——-
We remain amazed by the concern with privacy during a war on civilians. What does it take for people to back off and let the government do its main job – namely protecting its citizens?