TSA to test privacy-enhancing software on whole body scanners
New technology will generate only 'generic' images of passengers, agency says
Computerworld - The Transportation Security Administration (TSA) will soon begin testing new software designed to better protect the privacy of individuals passing through its full body scanners at U.S. airports.
The TSA says that the new software will eliminate the passenger-specific images that are generated by current Advanced Imaging Technology machines and replace them with generic images instead.
The software is designed to automatically detect potentially dangerous items on a person and to indicate its location on a generic outline of the individual, the TSA said in a statement .
Testing of the new software began today at Las Vegas' McCarran International Airport. Similar tests are scheduled to begin over the next few days at Atlanta's Hartsfield Jackson airport and at the Ronald Reagan National Airport in Arlington, Va.
The testing is being done to confirm if the new software will yield the "same high level of security" as the body scanners currently in use at U.S airports, but with better privacy protections, TSA Administrator John Pistole said today in a statement.
The TSA's move to test the new privacy-enhancing software appears designed to defuse stubborn concerns relating to the use of such systems. Though polls have suggested that a majority of Americans support the use of such scanners, several groups have expressed concerns over the technology and have asked for a through review of its usefulness.
Whole body imagers or advanced imaging technology (AIT) scanners, as the TSA calls them, are supposed to help detect non-metallic weapons and explosives concealed under a passenger's clothing. One example is the explosive PETN powder that would-be Christmas Day bomber Umar Farouk Abdulmutallab concealed in his underwear.
The TSA has already deployed, or is deploying, hundreds of such scanners around the country. By 2014, about 900 of the machines are expected to be installed at a cost of $130,000 to $170,000 per scanner.
Groups such as the Electronic Privacy Information Center (EPIC) have said that the detailed, three-dimensional images of passengers that are generated by such scanners are overly invasive and equivalent to a physical strip search. They have also challenged the TSA's claims about the efficacy of such systems in helping detect concealed threats.
EPIC and others have been pressing for a complete review of the technology and of its privacy implications. Even the Government Accountability Office (GAO) has called for a more thorough vetting of the technology over similar concerns.
The TSA has steadfastly downplayed such concerns. It has noted that the images generated by the scanners are too indistinct to identify individuals. It also notes that the agents who actually see the scanned images are located in a viewing station some distance away from the actual scanner so they have no idea of who is being scanned at any time.
The TSA has also repeatedly insisted that its scanners do not store images of scanned passengers -- an assertion that has been challenged by EPIC and others.
EPIC said today that the TSA's moves do not go far enough. "We are not at all convinced," that the new software will address privacy concerns, said Marc Rotenberg, president of EPIC. He said using the new software would actually create new privacy concerns because the TSA has indicated that it no longer needs a remote viewing facility once the new software becomes operational.
"We will be filing a FOIA lawsuit this week for more information about the revised airport screening software," Rotenberg said. He added that EPIC's previous lawsuit seeking a suspension of the body scanning program is scheduled for March 10 before the D.C. Circuit Court of Appeals.
Jaikumar Vijayan covers data security and privacy issues, financial services security and e-voting for Computerworld. Follow Jaikumar on Twitter at @jaivijayan or subscribe to Jaikumar's RSS feed . His e-mail address is firstname.lastname@example.org.
- NSA defends collecting data from U.S. residents not suspected of terrorist activities
- Groups fear bill would allow free flow of data between private sector and NSA
- Google's move into home automation means even less privacy
- Bill to require warrant for email searches gains ground in House
- Coming soon to a fridge near you -- targeted ads
- Snowden leaks prompt tech firms to tout privacy, transparency policies
- License reader lawsuit can be heard, appeals court rules
- Is EU's 'right to be forgotten' really the 'right to edit the truth'?
- Tails 1.0: A bootable Linux distro that protects your privacy
- Privacy jitters derail controversial K-12 big data initiative
Read more about Privacy in Computerworld's Privacy Topic Center.
- Agility & Scalability for Oracle EBS R12 and RAC on VMware vSphere 5 This white paper outlines extensive performance and scalability testing of Oracle EBS applications on a Vblock™ Systems with vSphere 5.
- Oracle and VCE: The Next Step in Integrated Computing Platforms In this ESG Lab review you will learn how a VCE system driven by Oracle, delivers the perfect blend of high performance and...
- Migrate Oracle Apps from RISC/UNIX to Virtualized x86 Ready to move Oracle to a virtualized environment? This brief explains how true converged infrastructure can help you migrate from a RISC/UNIX environment...
- Step Out of the Bull's-Eye Learn about the evolution of targeted attacks, the latest in security intelligence, and strategic steps to keep your business safe.
- Data Protection and Disaster Recovery with iSCSI and VMware Get this on demand webcast now
- Keep Servers Up and Running and Attackers in the Dark An SSL/TLS handshake requires at least 10 times more processing power on a server than on the client. SSL renegotiation attacks can readily... All Privacy White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!