In their efforts to prevent a repeat of the Sept. 11 tragedy, the U.S.
government and the airline industry are relying on software so outdated that
it can't distinguish between the last name of terrorist mastermind Osama bin
Laden and punk rocker Johnny Rotten Lydon.
As the war on terrorism spurs U.S. intelligence agencies to constantly
expand aviation watch lists, many airline-reservation systems rely on name-
searching software based on a 120-year-old indexing system that mistakes the
similar spelling or sound of innocent passengers' surnames for those of
The result: Thousands of travelers have been flagged at airports for
additional searches and police questioning -- while critics say real
terrorists could slip through undetected.
The American Civil Liberties Union has documented at least 339 passengers
stopped and questioned after being flagged by the software at San Francisco
International Airport since the 2001 hijackings. But they all appear to be
"false positives," and no one has been arrested.
"If this is happening just at SFO, one can only imagine the thousands of
air travelers who are being stopped across the country in connection with the
no-fly list," said Jayashri Srikantiah, an attorney for the ACLU's Northern
California chapter. It has sued the FBI and the Transportation Security
Administration for information about why two San Francisco peace activists
were ensnared by the software.
Nationally, the FBI cannot cite a terrorist who's been captured because of
the no-fly list. Civil-liberties advocates say the Bush administration's
refusal to disclose policies and practices about the secrecy-shrouded watch
lists may simply conceal the lists' embarrassing ineffectiveness.
TSA CRITICIZES SOFTWARE
The TSA acknowledges that some airline-reservations software has difficulty
accurately comparing passenger names against the government watch lists. The
agency recently advised airlines that if a passenger is chronically
misidentified as a watch list suspect, the agency will put the person on a
"fly list," said agency spokeswoman Heather Rosenker.
"We acknowledge that security threats change and TSA needs to have -- on
behalf of everyone who flies -- the best possible system in place that gives
equal measure to privacy and security," Rosenker said. "What is currently
being operated by the airlines does not reach that goal."
The problem, critics say, is that the English-based name-search software
used by airline-reservation databases is easily flummoxed by Arabic, Asian and
other names that, when converted from their native script to the Roman
alphabet, can have hundreds of legitimate different spellings.
In the early 1990s, a Pakistani terrorist known as Mir Aimal Kansi entered
the United States -- eluding government watch lists -- by spelling his name
with the legitimate variant "Kasi" on travel documents. In 1993, he shot to
death two CIA employees and wounded three other motorists on a busy roadway
outside the spy agency's Langley, Va., headquarters and then fled the country.
The TSA says the ultimate solution is a new, government-operated version of
the airlines' Computer Assisted Passenger Pre-screening System (or CAPPS).
Congress mandated a new system after the Sept. 11 attacks.
The TSA says the so-called new CAPPS II system will make travel safer and
faster -- without sacrificing privacy and civil liberties.
CAPPS II COMING
Scheduled for deployment in Spring 2004, CAPPS II will require airline
ticket buyers to give more identifying information -- full name, birth date,
home phone number and address. This information will be run against private
credit-rating and government watch list databases to "verify you are who you
say you are," Rosenker said.
In less than five seconds, it will issue every U.S. passenger a threat-
assessment score encrypted on the boarding pass: A code "Green" passenger will
undergo normal security, a "Yellow" code will face additional searches and
"Red" codes will be barred from traveling.
However, the proposed system has critics warning of "trial by computer."
For example, a December study by the Consumer Federation of America and the
National Credit Reporting Association found errors in names and other
identifying information in 1 out of 10 credit reports -- the tools that TSA
hopes to use to confirm identities.
"We've seen serious inconsistencies and error in the data, and any system
that relies on that data is going to inherit those inconsistencies," said
study researcher Brad Scriber, of the consumer federation.
Aviation watch lists were started in 1990 to keep terrorists and "air
pirates" off airplanes and track drug smugglers and other fugitives. But since
the 9/11 hijackings, the lists have been expanded significantly.
TSA manages two watch lists: the top-secret "No-Fly List" -- which aims to
keep terrorist suspects off airplanes -- and a list of lower threat
"selectees" chosen for expanded searches.
Problems begin when the name of a passenger checking in at the airline
counter is incorrectly flagged by the reservation computer as being on a watch
list. The computer terminal automatically locks up, requiring the ticket agent
to contact local police or the FBI to clear the traveler.
At SFO last August, Jan Adams and Rebecca Gordon were stopped for being on
the no-fly list, according to SFO records obtained by the ACLU under the state
Public Records Act.
After questioning by police, who cleared them, the couple were allowed to
fly to Boston -- with additional searches of their persons and baggage.
THEY ARE PEACE ACTIVISTS
Adams and Gordon feared the government was targeting them because they're
veteran peace activists and co-founders of War Times, a San Francisco anti-war
newspaper. Now it appears that reservations systems were rounding up anyone
with a name similar to "J. Adams," including a Virginia attorney (J. Christian
Adams) and a young woman (Jodi Adam) who was stopped at SFO the same day as
the peace activists, according to TSA complaints and police records.
"As a 'J. Adams,' I really find it disturbing that somebody somewhere in
the government is generating something that causes 'J. Adamses' to be looked
into, and I can't find out anything about it," said Jan Adams, 55.
On the couple's behalf, the ACLU sued the TSA and the FBI for failing to
respond to a Freedom of Information Act request for records about their no-fly
list status. The FBI's response letter stated it had "no records" for the
women -- or about any watch lists -- and the TSA didn't respond to the records
The problem is that reservation software now relied upon by the government
was designed not to catch terrorists, but to quickly summon passenger names or
to catch deal-hunting passengers making duplicate bookings.
SORTED BY SOUNDS
Many airlines rely on name-searching software derived from "Soundex," a 120-
year-old indexing system first used in the 1880 U.S. census. It was designed
to help census clerks quickly index and retrieve sound-alike surnames with
different spellings -- like "Rogers" and "Rodgers" or "Somers" and "Summers" --
that would be scattered in an alphabetical list.
Soundex gives each name a key using its first letter and dropping the
vowels and giving number codes to similar-sounding vowels (like "S" and "C").
The system gives the same code, L350, for "Laden" and all similar-sounding
names: Lydon, Lawton, and Leedham.
Fears that a CAPPS II system will magnify the problem spurred the Senate to
approve an amendment in May that would require the Bush administration to
report to Congress within 90 days about what safeguards are in place to
protect civil rights.
The bill's author, Sen. Ron Wyden, D-Ore., said: "What this debate is
really going to be all about is: How does government come up with a strategy
that allows us to fight terrorism ferociously without gutting our civil
©2003 San Francisco Chronicle