Review of the Terrorist Screening Center's
Efforts to Support the Secure Flight Program
(Redacted for Public Release)
Audit Report 05-34
Office of the Inspector General
Since the announcement of the Secure Flight initiative in August 2004, the TSC has begun preparations for supporting this additional terrorist screening effort. The TSC's role in Secure Flight involves performing tasks similar to those it currently conducts in screening suspected terrorists at ports of entry and within the United States. However, in preparing for the launch of Secure Flight, the TSC has implemented a number of changes in anticipation of a significant increase in the volume of screening requests.
During the course of the development of the TSA's Secure Flight program, the TSA reorganized or restructured the office responsible for the initiative at least two times. According to the GAO, in November 2004 the DHS attempted to consolidate and strengthen TSA's screening capability by combining the Office of National Risk Assessment - which developed CAPPS II - with the Credentialing Program Office to become the Office of Transportation Vetting and Credentialing. In April 2005, this office was restructured to create the Office of Secure Flight/Registered Traveler.
According to TSC officials, this repeated restructuring has hampered communication and coordination between the TSA and the TSC and has impeded the TSC's ability to fully plan for the implementation of Secure Flight, as detailed below.
In September 2004, officials from TSA and the TSC met to discuss initial plans for implementing Secure Flight, and in October 2004 jointly developed a high-level process flow chart for Secure Flight. In December 2004, the TSC IT Branch provided the TSA with data from the TSDB for the purpose of conducting preliminary testing related to Secure Flight. In January 2005, the TSC asked for and received the assistance of a full-time TSA executive to work as the TSC Secure Flight Program Coordinator. However, it was not until February or March 2005 that the TSA and the TSC began to actively work together on the Secure Flight program. At that time, regularly scheduled, joint meetings with all key participants were initiated to define the roles of the supporting agencies and discuss the status of Secure Flight's development.22 TSA officials explained that this delay resulted from their devotion of significant resources to data testing and that they simply did not have time to coordinate with the TSC. Early discussions included the level of information contained within the joint concept of operations between the TSA and the TSC and the level of participation the TSC and FBI Counterterrorism Division staff would be expected to have in the Secure Flight process.
In March 2005, the TSA finalized its initial Secure Flight concept of operations. According to the March 2005 GAO report, the concept of operations document provides "a high-level perspective of how the system will operate and includes the roles and responsibilities of key staff and organizations. It also provides information necessary to begin finalizing other documents, such as system requirements."23 However, the GAO reported that key operational decisions for Secure Flight had not yet been made, such as how passenger information would be transferred from the airlines to the TSA Secure Flight office. Since issuance of the GAO report, the TSC has collaborated with the TSA on a revised concept of operations document that provided for the participation of the TSC, which was finalized on July 13, 2005.24
In addition to the concept of operations document, the TSC and TSA have collaborated on a Memorandum of Understanding (MOU) intended to outline the agencies' respective roles and responsibilities for the Secure Flight program. The TSC initially prepared a draft of the document and submitted it to the TSA in May 2005. As of July 31, 2005, the document had not been finalized.
We spoke with officials at both the TSA and the TSC about the working relationship that had developed between the two agencies. TSA officials expressed their satisfaction with the TSC's support of the Secure Flight program and believe that the TSA and the TSC have a positive partnership. Further, the TSA stated that the TSC had assisted the TSA significantly in its development of processes and IT-related projects. According to TSA officials, the relationship between the TSA and the TSC will allow for a more consistent and unified law enforcement response to airline security incidents and help the TSA in ensuring transportation security.
The TSC has expressed its willingness to assist the TSA in its Secure Flight initiative. Further, despite TSC personnel initially being excluded from the TSA's preliminary planning for the program, we found that the TSA/TSC relationship has evolved into a more positive working partnership. However, TSC officials explained that their ability to prepare for the implementation of Secure Flight has been hampered by the TSA's failure to make, communicate, and comply with key program and policy decisions, such as the planned launch date and initial participation volume (discussed in Chapter 1) and the IT connections and redress responsibilities discussed later in this chapter.
The Director of the TSC stated that the portion of the agency's activities dedicated to Secure Flight has evolved over time. She estimated that only a small portion of the TSC's resources were dedicated to Secure Flight in the winter of 2004. However, the TSC's efforts have increased incrementally since then. The Director estimated that by mid-July 2005 about 60 to 70 percent of the TSC's work could be attributed to preparations for the Secure Flight program because of the impending launch of the initiative and the large of amount of preparations underway.
The TSC stated that once preparations for the Secure Flight program are finalized, the program is launched, and screening begins, Secure Flight will be an additional important TSC customer that will significantly increase its call center activity. The TSC will perform much of the same screening processes it currently conducts for calls from state and local law enforcement, border patrol agents, and government agents abroad. As of July 2005, TSC screeners were receiving about 100 inquiries per day resulting from hits against the watch list database forwarded from these sources. Based on information currently available, the TSC expects that full implementation of Secure Flight will result in [SENSITIVE INFORMATION REDACTED] additional screening inquiries per day, representing an increase of [SENSITIVE INFORMATION REDACTED] percent of its current screening operations.
To ensure that the TSC addressed all areas of support for the Secure Flight program, the TSC developed three sub-teams - an operations team, an information technology (IT) team, and a policy/legal team. These teams meet on a weekly basis with the TSC Secure Flight Program Coordinator to discuss the status of their projects and to jointly prioritize their work. According to the TSC, the combination of these sub-teams and the leadership of the Program Coordinator resulted in a multi-disciplined internal working group that organized and prioritized the agency's Secure Flight objectives and streamlined its approach to the program.
The TSC stated that the Secure Flight program will significantly impact its space, staffing, and funding needs. TSC officials also stated that other TSC projects have taken a back seat while they focused on the planning and development of Secure Flight requirements.
TSC Budget Information
The TSC's base budget for FY 2005 is $29 million. In addition, it recently obtained through the FY 2005 Emergency Supplemental Appropriations Act additional funding of $35.23 million, which the TSC will have 2 years to spend. These additional funds were provided by Congress for Secure Flight and other unspecified infrastructure improvements. As a result, the TSC received a total of $64.23 million in FY 2005.
The FBI's initial FY 2006 budget request of $29 million for the TSC was later supplemented in November 2005 by an out-of-cycle request of $75 million for TSC enhancements, including a new facility, state-of-the-art telecommunications equipment for call center operations, and preparations for Secure Flight and other government initiatives that will result in additional terrorist screening opportunities. Therefore, the FBI's total funding request for the TSC for FY 2006 amounts to $104 million.
Tracking of TSC Secure Flight Costs
At the outset of our review, we requested an accounting of the TSC's expected and actual Secure Flight costs. In response, the TSC stated that Secure Flight cannot operate without substantial modifications to the TSC's existing IT environment, such as the ability to handle a significant increase in the number of screening inquiries, the development of data interfaces with new participating agencies, improvements allowing for real-time connectivity with users, and other necessary enhancements to the TSDB and the TSC's Encounter Management Application (EMA).25 According to TSC officials, they are using the Secure Flight requirements as the basis for all modifications to the TSC's databases and processes that have any connection to Secure Flight. As a result, TSC officials said they could not distinguish Secure Flight funding needs from those necessary for other TSC system enhancements not related to Secure Flight.
In response to our request, however, the TSC Administration Branch prepared and provided a summary spending plan. We reviewed this document and noted several problems. For example, the document stated that the TSC could attribute only $1.5 million directly to the Secure Flight program. The $1.5 million only captured estimates for contractor funding for initial IT development, including the identification of requirements and concept development for Secure Flight. Moreover, the document did not specify how Secure Flight affected other expected costs or what portion of the TSC's activities were impacted by Secure Flight. As a result, we expressed to the TSC the importance of more specifically allocating its costs so that the resource requirements of discrete programs or initiatives can, at a minimum, be estimated.
The Director of the TSC agreed with the need to identify Secure Flight funding needs separately from other TSC endeavors. Additionally, she acknowledged that because certain TSC expenses, such as systems, staffing, and procurements, are paid by other federal agencies or divisions within the FBI, the TSC is unaware of how much the organization truly costs to operate. The Director stated that she recognizes the importance of having designated budget staff to perform budget formulation, analysis, and execution, but stated that the TSC does not currently possess the expertise to perform these functions. Given the importance of its mission and the large amount of money it annually receives, we believe it is critical that the TSC have a budget staff able to track its costs and requirements.
Review of Funding Information
As a result of our discussions with the TSC Director and her staff in July 2005, the TSC subsequently informed us that it would make another attempt to more precisely reconstruct its estimation of Secure Flight costs. In mid-July, we received a breakdown of FY 2005 and FY 2006 Secure Flight direct costs as well as the indirect costs in proportion to the total costs for the TSC as a whole.
To separate Secure Flight indirect costs from the total costs for all TSC programs and activities, the TSC identified the percentage of the total call volume, customers, and staff at the TSC that were expected to be related to Secure Flight activities. These percentages were applied to budget categories to allocate the costs of each category and to estimate the overall cost of supporting Secure Flight.
As shown in Table 1, the breakdown provided by the TSC reveals that 12.5 percent ($8,034,732) of the TSC's $64.23 million in appropriated and supplemental resources in FY 2005 is estimated to be in direct support of the Secure Flight program. An additional 20.6 percent ($13,256,696) of the total is estimated as indirect costs for the Secure Flight program. This amounts to a total of $21,291,428 for Secure Flight-related expenses in FY 2005, or 33.15 percent of the TSC's total FY 2005 funding.
As shown in Table 2, the TSC estimated its FY 2006 budget expenditures directly related to Secure Flight will amount to 11.6 percent ($11,417,869) of the resources included in the FY 2006 President's Budget request for the TSC. Indirect costs for Secure Flight in FY 2006 are projected to amount to 26.4 percent ($26,099,699) of the TSC's total anticipated budget for FY 2006. Therefore, the total cost for Secure Flight (direct and indirect) in FY 2006 is projected to account for 38 percent ($37,517,568) of the TSC's total requested budget.
The majority of the TSC's actual and projected Secure Flight direct costs in both FY 2005 and FY 2006 are related to IT enhancements and operational expenditures to support an anticipated increase in call center activity. A significant portion of the overall program costs are percentages of TSC enhancements and infrastructure improvements that are not related directly to Secure Flight, but which the TSC has stated will support all of its activities. As previously noted, the TSC budget increases for both FY 2005 and FY 2006 were to support Secure Flight and other initiatives.
We were unable to perform transaction testing or an in-depth analysis of the cost breakdowns provided by the TSC because the information was not provided until July 18, 2005. The TSC also has not been able to adequately estimate its projected workload increase due to the TSA's failure to provide a reliable and definitive implementation schedule for the Secure Flight program as a whole. Moreover, the TSC's total and indirect costs are based upon assumptions of growth in areas outside of Secure Flight, and in this review we did not examine these non-Secure Flight enhancements.
Given these factors, we are unable to reach a conclusion as to the accuracy of the financial information the TSC provided our auditors to explain its direct and indirect costs of implementing Secure Flight. We recommend that the TSC develop the capacity to produce more accurate financial and budgetary projections that identify its Secure Flight funding needs separately from other TSC endeavors. However, as it stands currently from the information provided, the OIG cannot determine how much of the $75 million out-of-cycle budget enhancement requested by the TSC for FY 2006 appropriately reflects the TSC's actual anticipated expenses for Secure Flight versus other enhancements.
At the exit conference for this audit, TSC officials stated that they do not currently have the ability to project baseline budget information related to the cost of adding Secure Flight to the TSC's regular operations. TSC officials attributed this lack of fundamental data to their stage of development, noting that the organization has been in existence for less than 2 years. TSC management stated that the TSC's base budget of $29 million was derived from conservative estimates developed during the organization's earliest days and this amount cannot meet its normal operating requirements. They further stated that the composition of the TSC as an intergovernmental organization within the FBI makes the situation more complex. In addition, TSC officials stated that the structure of the FBI's financial systems limits its flexibility in categorizing and summarizing costs associated with its varied projects and programs. TSC officials said that they understand the importance of being able to discretely project and track costs by program, budget category, or organizational unit. However, the TSC stated that it currently is unable to accurately estimate the incremental cost of adding programs that increase the TSC's range of operations, such as Secure Flight.
According to the TSC, it has been forced to delay the implementation of security measures, database enhancements, and quality control improvements to provide support for the launch of Secure Flight. TSC officials informed us that such delays will impact the accuracy, completeness, thoroughness, and security of the consolidated watch list information. TSC officials said that the following projects were delayed because of Secure Flight:
Each of the projects listed above relate directly or indirectly to the findings and recommendations in our June 2005 report. We are tracking the TSC's accomplishment of these items through that report and have observed that these projects have incurred delays. At the exit conference, TSC officials reported that several of the delayed projects have been initiated or completed.
As reported in our June 2005 audit of the TSC, the TSC was operating in an immature IT environment when it hired a Chief Information Officer (CIO) in August 2004. Our previous report included 16 recommendations related to the TSC's IT systems, planning, and operations. In an effort to develop and stabilize the IT environment in preparation for implementation of the Secure Flight program, the CIO has spearheaded a number of initiatives.
First, TSC officials have begun to develop an IT-specific strategic plan that identifies nine major objectives related to issues such as security, life cycle planning, and data accuracy and completeness. The TSC intends to incorporate this IT-specific information in its overall strategic plan, which is also in development.28
Second, in order to streamline IT functions, the TSC has reorganized its IT Branch into four areas - engineering, project management, applications, and operations. The engineering area designs the top-level physical IT system, drafts diagrams of the general construction of the system, and conceptualizes security architecture. The project management area plans, schedules, and tracks various IT-specific projects and assists with all types of TSC projects, such as scheduling and tracking the TSC's proposed move to a new facility. The applications area manages software development, including determining user requirements and designing, testing, and deploying the programs. The operations area provides maintenance and support for the TSC's data systems, applications, and users.
In addition, the TSC established an office responsible for developing business/data rules to ensure the integrity of the watch list data. This office will assist in the TSC's quality assurance efforts and have responsibility for ensuring that the TSA Secure Flight office has an up-to-date watch list at all times.
We believe that these initiatives will assist the TSC in enhancing its IT environment. A better-functioning IT environment is critical to the smooth introduction of the TSA Secure Flight program into the TSC's operations.
TSC officials said that it initially appeared to them that the TSA did not plan for the TSC to be directly involved in the Secure Flight screening process. The TSC officials said that the TSA assumed that it would be responsible for conducting all of the electronic searches and vetting for terrorist screening related to domestic air travel. Under this scenario, the TSC's role would be limited to providing a copy of the consolidated watch list database to the TSA. However, according to TSC officials, the TSA's initial plan did not account for communicating vetting results to the law enforcement agencies responsible for responding to hits against the watch list. The TSC, which derives its authority from Homeland Security Presidential Directive-6, is the entity responsible for consolidating government terrorist watch list screening and to facilitate any associated law enforcement actions. Therefore, the TSC sought a broader role in the TSA's Secure Flight program.
The TSC also said that the TSA initially neglected to plan for the complex process of record additions, deletions, and modifications made to the TSDB on a continual basis. According to the TSC's IT officials, this deficiency resulted from the TSA's initial assumption that it would receive a relatively static copy of the TSDB against which it would compare the passenger data obtained from the airlines.
Once the TSA and the TSC agreed to the TSC's expanded role in the Secure Flight program, many of the processes that the TSA had already developed had to be re-designed and re-tooled to accommodate the TSC's involvement. This necessitated the previously discussed revisions to the Secure Flight concept of operations document. In addition, the TSC's planning for Secure Flight has been affected by several other actions and decisions by the TSA, including:
TSC officials reported that beginning in May 2005 coordination between the two organizations improved greatly. However, in the middle of June, just weeks prior to the original laboratory testing date, the TSA identified problems with the data file formats that are critical for transmission of passenger information from the airlines to the TSA Secure Flight Office and the subsequent transmission of TSA Secure Flight-determined watch list matches to the TSC. According to TSC officials, two separate teams at the TSA designed the two processes and apparently did not coordinate the basic file structures and did not consult the TSC. Until the basic format was finalized in July 2005, the TSC was not certain what data fields it would receive. TSC IT officials stated that the TSA's file format problem might not have occurred had standards been established and the Interface Control Document finalized prior to developing the Secure Flight systems and applications.
As outlined in the Secure Flight Overview section in Chapter 1, the domestic flight screening process involves four main data interface connections for the transmission of: (1) passenger data from the airlines to the TSA Secure Flight Office; (2) TSDB watch list updates from the TSC to the TSA Secure Flight Office; (3) initial watch list match results from the TSA Secure Flight Office to the TSC; and (4) final screening results from the TSC to the TSA Secure Flight Office as well as to appropriate responding entities such as the FBI Counterterrorism Division, FAMS, or NORAD. Of these four data connections, the TSC is directly involved in three.
Airline Passenger Data to the TSA Secure Flight Office - The TSA assumed responsibility for developing these data interfaces. To fully accomplish the mission of the Secure Flight program, the TSA ultimately will need to develop a connection between its Secure Flight Office and each commercial airline reservation database. However, as previously discussed, the TSA experienced internal problems regarding the development of the file format for this data transfer. According to TSA officials, the necessary interfaces with select air carriers will be operational to begin test operations in September 2005.
TSDB Watch List Updates to the TSA Secure Flight Office - After the initial transfer of appropriate watch list records, the TSC will transmit, in near real-time, three types of watch list record updates to the TSA Secure Flight Office - additions, modifications, and deletions.
The TSA has assumed responsibility for this data interface. However, TSC IT officials stated that for their normal screening operations, they have been working to develop an interface so that a computer system (such as the one being developed for the TSA Secure Flight program) could connect directly with the TSDB for terrorist screening.31 According to the TSC officials, this direct interface will provide for greater data accuracy, integrity, and security for the TSDB because it eliminates the need to copy, update, maintain, and secure the TSDB in another location. The TSC had planned to have this capability by May 2005. The TSC officials stated that the TSA ultimately refused the integration of this option in the Secure Flight program because of the compressed work schedule. In order to meet the TSA's Secure Flight implementation deadline, the TSC was forced to delay development of its direct interface process for its other screening customers.
To support its current operations, the TSC established a stand-alone network for the TSDB. In addition, on May 23, 2005, the TSC began operating the newly created TSCNet that was established on an existing sensitive but unclassified platform called the Open Source Information System (OSIS). In preparation for Secure Flight, the TSC has tested a connection between the TSDB network and the newly created TSCNet. Further, the TSC has established a direct connection to the DHS's network, DHSNet, which is also on the OSIS platform. The TSC intends to use these multiple connections to exchange TSDB records with the TSA. [SENSITIVE INFORMATION REDACTED] provides a back-up that will automatically re-route data transmissions in the event of a failure in the primary interface to ensure continuation of Secure Flight operations.
TSC IT officials said they finished testing the connection to DHSNet on July 13, 2005, and plan to submit to the FBI CIO the necessary documents to obtain specific accreditation for the new connection. The TSC anticipates that this process will be fully tested and the new connections accredited prior to the implementation of the TSA Secure Flight program.
Watch List Matches from the TSA Secure Flight Office to the TSC - For passengers determined to be possible matches against the watch list, the results of the TSA's vetting of passenger records need to be transmitted electronically to the TSC for final adjudication. Each record (called a Request for Action, or RFA) will contain passenger information obtained from the airline as well as results of the analysis performed by the TSA Secure Flight staff.
TSC assumed responsibility for this data interface, and it modified and enhanced its existing encounter application to create a new application, entitled Encounter Management Application - Secure Flight (EMA SF). The EMA SF data will be transmitted electronically to the TSA Secure Flight Office via the TSC's and DHS's mutual connection with OSIS. According to TSC IT officials, the TSC was able to enhance operational capability, minimize the impact to its current screening customers, and conserve resources by modifying its existing encounter management application to serve this function.
The EMA SF application is designed to streamline TSC functions by electronically transmitting data and pre-populating data fields, thereby eliminating the need to manually re-type data. Because of the compressed implementation schedule, the EMA SF will only contain the functions necessary to meet initial operating capability. However, according to the TSC it will be fully operational. Over time, the TSC intends to make further enhancements to the system to enable the sharing of more complete data.
The TSC completed testing the prototype EMA SF application at the beginning of June 2005. The end users, including representatives from the TSC call center, TSA, the Federal Air Marshal Service (FAMS), and FBI Counterterrorism Division met in mid-July 2005 and tested the design of the application. TSC IT officials stated that user testing of the application design is critical because the process assists in the identification of any real-life situations that were not addressed during system design. Two additional testing phases remain for the EMA SF application. The final testing phase is scheduled to begin on August 2, 2005, and run for approximately 25 business days. TSC IT officials anticipate that the final test phase will be successfully concluded and the application will be ready for the September 2005 implementation date.
TSC Disposition of Final Watch List Hits to the TSA and Responders - Upon receipt of the TSA's initial vetting results, the TSC will conduct additional screening on the passenger record, make a final determination as to whether the individual attempting to travel is a valid match against the watch list, and electronically return the final disposition result to the TSA Secure Flight Office. In addition, when the TSC's review reveals a positive or inconclusive identity match, the TSC will communicate the available details of the match (such as passenger name, flight information, and handling instructions) to the law enforcement agencies responsible for responding to the anticipated encounter with an individual on the watch list.
The TSC assumed responsibility for this data interface and will use its enhanced EMA SF. The new application will assist in coordinating an appropriate law enforcement response by ensuring that all participating agencies view the same data in near real-time.
The TSC will use the OSIS network to enable its partners to access the EMA SF application. According to TSC IT officials, the North American Aerospace Defense Command (NORAD), FAMS, and the TSA have established and tested network connections with DHSNet and OSIS. In addition, because the TSC had an existing working relationship with the FBI Counterterrorism Division for its normal business operations, it did not need to establish a new network connection for TSA Secure Flight.
In preparation for supporting the TSA's Secure Flight program, the TSA and the TSC have worked together to address several legal requirements. In addition, in an attempt to maximize terrorism screening while minimizing passenger inconvenience, the TSC and the TSA have also begun quality assurance and redress projects.
According to the TSC Privacy Officer, the TSDB is considered a "system of records" as defined by the Privacy Act of 1974, as amended, because it contains data regarding individuals that can be retrieved by the name of the individual or by an identifying number, symbol, or other piece of information.32 As a result, both the TSA and the TSC are required to publish in the Federal Register a description of their records or a new use of the information and to provide the public an opportunity to comment. This System of Records Notice, or SORN, informs the public of the purpose for the system and includes information such as a description of the types of individuals reflected in the records, the data collected, the reason for data collection, the data safeguard and security processes, and rules and purposes for sharing the data.
The TSA has issued at least two SORNs for the Secure Flight program and will need to issue an additional SORN specifically addressing TSA's implementation of the operational screening. According to TSA officials, this notice will be published prior to implementation of the TSA Secure Flight program in September 2005.
According to TSC officials, the TSC is currently operating under an existing FBI SORN covering the FBI's central records system. However, according to the TSC Privacy Officer, the TSC has elected to draft its own SORN because of the TSC's unique mission. On July 28, 2005, the TSC published its SORN, which applies to Secure Flight and all of TSC's current and anticipated screening operations.
In addition to the Privacy Act, both the TSC and the TSA are subject to the E-Government Act of 2002, which discusses the need to conduct and publish, as appropriate, Privacy Impact Assessments (PIA).33 A PIA relates specifically to an IT system that collects, maintains, or disseminates personal information about members of the public who are not government employees, agencies, or instrumentalities. The PIA informs the public about issues such as affected individuals, types of information collected, and information safeguard procedures.
The TSA has published multiple PIAs for the Secure Flight program and will need to conduct an additional PIA specifically addressing the implementation of the operational screening. According to TSA officials, this notice will be published prior to implementation of the TSA Secure Flight program in September 2005. The TSC Privacy Officer stated that she has begun to conduct and draft a PIA for all TSC IT-programs.34
To assist individuals who believe they were inappropriately delayed or prohibited from boarding their flights because of the Secure Flight program, the Intelligence Reform and Terrorism Prevention Act of 2004 (the Intelligence Reform Act) directed the DHS to establish a timely and fair method to appeal these determinations and to correct any erroneous data found in the terrorist screening database. To provide domestic airline passengers a redress process, TSA officials indicated that they would expand and enhance existing procedures for individuals raising issues with flight problems related to the no-fly, selectee, and CAPPS I screening processes that have been in existence for several years. To augment its redress operations, the TSA stated that it established a new office, increased its staffing, and drafted new processes and procedures.
According to the TSA, the TSC will play a supporting role in the redress process and will not have direct contact with the public about these issues. When an individual submits a request for redress to the TSA, the individual will be required to provide specific, verifiable identifying information such as passport or visa number, birth certificate number, or driver's license number. The TSA will review available information, request TSC assistance in obtaining more detailed investigation-specific data if necessary, and respond to the redress requestor. If the individual is determined to be a false positive (a close enough match to a TSDB record that will result in a hit against the watch list despite the person not being a true match of the watch-listed individual), the TSA may place the person on a "cleared list" that includes the individual's additional identifying information. This cleared list will be included in the airline screening process and may therefore speed the process for these individuals during subsequent attempts to travel.
Because the responsibility for fully establishing and implementing redress policies and procedures rests with the TSA, we could not review the plans for enhancing this area as it relates to the Secure Flight program.35 However, we found that the TSC had devoted significant effort to enhancing its own activities related to the redress process. In July 2005, the TSC Privacy Officer issued a revised protocol outlining the TSC's procedures for handling redress inquiries. In addition, the TSC provided us with evidence that appropriate TSC staff had received training on the new protocol.
In the June 2005 OIG report on the TSC, we identified errors, omissions, and inconsistencies in the TSDB. As a result, the TSC is currently performing a review of all TSDB records in the database for accuracy and completeness. The TSC has initiated a major quality assurance effort to ensure that all records are analyzed through a record-by-record search, in order of highest priority first. TSC officials have stated that this effort will verify the integrity of historical TSDB data and allow the quality of new data to be controlled through the automated processes included in the most recent version of the TSDB. However, TSC officials stated that they believe many errors and omissions in the records are directly attributable to the records received from the source and nominating agencies and that these inaccuracies contribute significantly to the overall reliability of the TSDB.
The TSC's record-by-record review will likely not be completed before Secure Flight is implemented. In addition, as of April 2005, the head of the TSC Data Management Office has been assigned full time to Secure Flight-specific issues. The TSC CIO expressed concern that, as a result, the watch list data was not being checked sufficiently for accuracy and that available and necessary security measures had not been implemented.
The compressed time frame of our review did not allow us to perform additional testing on the TSDB records. However, while conducting our fieldwork at the TSC, we were informed of a recent incident in which a participating agency combined two separate records and forwarded the data to the TSC as a single record for inclusion in the TSDB. As a result, the TSDB record included erroneous identifying information and an individual was falsely identified as a positive match against the watch list. The TSC redress staff informed us that the TSC had identified the error, provided the originating agency with its findings, and confirmed that the source record was corrected.
In addition, officials at the TSC informed us that the volume of issues handled through the quality assurance process is increasing. To manage this increased workload, the TSC has increased manpower by hiring new permanent employees and temporary duty staff. Even with these enhancements, TSC officials expressed concern regarding their ability to manage the quality assurance process because the volume of inquiries will greatly increase once the TSA Secure Flight program is implemented. According to TSC officials, their Quality Assurance staff requested an enhancement to the EMA system that would automate the tracking and management of the quality assurance process. However, the development of the requested enhancement has been delayed because the IT staff has been dedicated to Secure Flight issues.