Tuesday, March 15, 2011

HR 1007 Introduced – Terrorist Watchlist Redress

Last week Rep. Clarke (D, NY) introduced HR 1007, the Fair, Accurate, Secure, and Timely (FAST) Redress Act of 2011. The legislation is designed to put into place a formal appeal mechanism for air line passengers who are incorrectly identified as a potential security risk base upon their name being found on the terrorist watch list.

While the main focus of the legislation is to assist improperly targeted air line passengers, Rep. Clarke took care to ensure that it would apply to anyone adversely affected by being matched with a suspect name on the watchlist. In describing the establishment of the redress procedure it is described as a “process for individuals who believe they were wrongly delayed or prohibited from boarding a commercial aircraft or denied a right, benefit, or privilege by the Department because they were wrongly identified as a threat when screened against the terrorist watchlist used by the Transportation Security Administration” {§890A(a)}.

This could potentially affect two separate programs of interest to the chemical security community; the TWIC program and the CFATS personnel surety program that will sooner or later be announced by ISCD. In fact, one of the provisions that was included in last session’s HR 2868 (as passed by the House) was a requirement for the establishment of a similar redress process for the personnel surety program spelled out in that legislation.

Redress Process

The bill would establish the Office of Appeals and Redress. The Director of that office would report directly to the Secretary, probably because the use of the watchlist cuts across so many of the agencies within the Department. The Director would establish a redress process (specifically including an information technology system) that would address “case management, workflow, document management, recordkeeping, and interoperability issues” {§890A(c)(1)}.

The program would be designed to generally allow the redress process to be completed within 30 days. Additionally, to ensure that the problem remains resolved, the Director would be responsible for maintaining a ‘Comprehensive Cleared List’ of individuals whom have provided adequate identification to allow the system to determine that they were misidentified by the use of the terrorist watchlist. That ‘Cleared List’ would be specifically incorporated into the screening process used by TSA and US Customs and Border Protection (CBP) and other Federal, State and local agencies using the terrorist watchlist as a security screening tool.

Privacy Protection

As one would expect in legislation introduced by Rep. Clarke, there are fairly extensive provisions provided for the protection of personal information. These include privacy and security training, requirements for data encryption and provisions for sharing the personally identifiable information (PII) via an encrypted network.

While the bill would require individuals handling PII in accordance with 552a of title 5, United States Code, the Federal Information Security Management Act of 2002 (Public Law 107–296), the bill specifically exempts one type of PII from those requirements, legal name changes. Section 890A(e)(7) specifically states that “section 552a of title 5, United States Code, shall not prohibit the sharing of legal name changes among Federal agencies and entities for the purposes of this section”.

Redress Initiation

The legislation requires that TSA and CBP provide clear and unambiguous notice at air ports and ports of entry on the existence of the appeals process and guidance on how to initiate the process. Interestingly there are no other requirements for public acknowledgement of the process, no requirement to tell someone denied a TWIC or the ability to work at a high-risk chemical facility that there is an applicable appeals process to correct the misidentification of being a potential terrorist risk.

No comments:

/* Use this with templates/template-twocol.html */