Sens. Schumer, Nelson propose bill to protect airport body scan images

Computerworld - U.S. Sens. Charles Schumer (D-NY) and Ben Nelson (D-Neb.) today proposed legislation that would make the misuse of airport body scan images a federal crime.

The Security Screening Confidential Data Privacy Act would prohibit the dissemination or photographing of scanned body images by Transportation Security Administration (TSA) officials or anyone else with access to the scanning machines. Violators would face up to a year in prison and fines of up to $100,000 per violation.

The bill is proposed as an amendment to the Federal Aviation Administration's Reauthorization Bill currently being debated in the Senate.

The new law would mirror privacy rules already enacted for the Social Security Administration and the Internal Revenue Service, according to a statement released by Schumer's office. Those laws make it a crime for employees to disseminate or otherwise misuse personal data.

The bill responds to broad privacy concerns voiced by airline passengers and others about the Advanced Imaging Technology (AIT) scanners used by the TSA at several at U.S. airports.

The scanners are designed to detect non-metallic weapons and explosives concealed under a passenger's clothing. For example, TSA officials say the device would have detected the explosive PETN powder that would-be Christmas Day bomber Umar Farouk Abdulmutallab concealed in his underwear.

The TSA has already deployed hundreds of such scanners around the country and plans to have close to 1,000 deployed by 2014. The machines cost between $130,000 and $170,000 apiece.

Several civil rights and privacy groups contend that the detailed, three-dimensional images of passengers that are generated by such scanners are overly invasive and equivalent to a physical strip search. The groups have also challenged TSA claims about the ability of the machines to detect weapons.

The TSA has steadfastly downplayed such concerns, insisting that the scanners cannot store images. The TSA is also trying to defuse criticism by using new software that would render a generic outline of a person rather than the more detailed three-dimensional images currently generated.

Marc Rotenberg, president of Electronic Privacy Information Center, today said he welcomed the proposed legislation.

"Obviously, there are no circumstances under which anyone should be able to take an image generated by one of these devices and circulate it to others," he said. The thought that public officials could "actually be immune from such prosecution is absurd," he added.

Jaikumar Vijayan covers data security and privacy issues, financial services security and e-voting for Computerworld. Follow Jaikumar on Twitter at @jaivijayan, or subscribe to Jaikumar's RSS feed . His e-mail address is jvijayan@computerworld.com.

Read more about Security in Computerworld's Security Topic Center.