Secure Flight Program, 48356-48391 [E7-15960]

Agencies

• DEPARTMENT OF HOMELAND SECURITY
• Transportation Security Administration

[Federal Register Volume 72, Number 163 (Thursday, August 23, 2007)]
[Proposed Rules]
[Pages 48356-48391]
From the Federal Register Online via the Government Printing Office [www.gpo.gov]
[FR Doc No: E7-15960]



[[Page 48355]]

-----------------------------------------------------------------------

Part III





Department of Homeland Security





-----------------------------------------------------------------------



Transportation Security Administration



-----------------------------------------------------------------------



49 CFR Parts 1507, 1540, 1544, and 1560



 Secure Flight Plan; Proposed Rule



Privacy Act of 1974: System of Records; Secure Flight Plans; Notice



Privacy Act of 1974: Implementation of Exemptions; Secure Flight 
Records; Proposed Rule

Federal Register / Vol. 72, No. 163 / Thursday, August 23, 2007 / 
Proposed Rules

[[Page 48356]]


-----------------------------------------------------------------------

DEPARTMENT OF HOMELAND SECURITY

Transportation Security Administration

49 CFR Parts 1540, 1544, and 1560

[Docket No. TSA-2007-28572]
RIN 1652-AA45


Secure Flight Program

AGENCY: Transportation Security Administration, DHS.

ACTION: Notice of proposed rulemaking.

-----------------------------------------------------------------------

SUMMARY: The Intelligence Reform and Terrorism Prevention Act (IRTPA) 
requires the Department of Homeland Security (DHS) to assume from 
aircraft operators the function of conducting pre-flight comparisons of 
airline passenger information to Federal Government watch lists for 
international and domestic flights. The Transportation Security 
Administration (TSA) is currently developing the Secure Flight program 
and issuing this rulemaking to implement this congressional mandate.
    This rule proposes to allow TSA to begin implementation of the 
Secure Flight program, under which TSA would receive passenger and 
certain non-traveler information, conduct watch list matching against 
the No Fly and Selectee portions of the Federal Government's 
consolidated terrorist watch list, and transmit boarding pass printing 
instructions back to aircraft operators. TSA would do so in a 
consistent and accurate manner while minimizing false matches and 
protecting privacy information.
    Also in this volume of the Federal Register, U.S. Customs and 
Border Protection (CBP) is publishing a final rule to implement pre-
departure advance passenger and crew manifest requirements for 
international flights and voyages departing from or arriving into the 
United States, using CBP's Advance Passenger Information System (APIS). 
These rules are related. We propose that, when the Secure Flight rule 
becomes final, aircraft operators would submit passenger information to 
DHS through a single DHS portal for both the Secure Flight and APIS 
programs. This would allow DHS to integrate the watch list matching 
component of APIS into Secure Flight, resulting in one DHS system 
responsible for watch list matching for all aviation passengers.

DATES: Submit comments by October 22, 2007.

ADDRESSES: You may submit comments, identified by the TSA docket number 
to this rulemaking, using any one of the following methods:
    Comments Filed Electronically: You may submit comments through the 
docket Web site at https://dms.dot.gov. You also may submit comments 
through the Federal eRulemaking portal at https://www.regulations.gov.
    Comments Submitted by Mail, Fax, or In Person: Address or deliver 
your written, signed comments to the Docket Management System at: U.S. 
Department of Transportation, Docket Operations, M-30, West Building 
Ground Floor, Room W12-140, 1200 New Jersey Ave., SE., Washington, DC 
20590; Fax: 202-493-2251.
    See SUPPLEMENTARY INFORMATION for format and other information 
about comment submissions.

FOR FURTHER INFORMATION CONTACT: Kevin Knott, Policy Manager, Secure 
Flight, Office of Transportation Threat Assessment and Credentialing, 
TSA-19, Transportation Security Administration, 601 South 12th Street, 
Arlington, VA 22202-4220, telephone (240) 568-5611.

SUPPLEMENTARY INFORMATION:

Comments Invited

    TSA invites comments relating to the appropriateness, 
effectiveness, and any economic, environmental, energy, or federalism 
impacts resulting from the required provisions of this rulemaking. 
Interested persons may do this by submitting written comments, data, or 
views. See ADDRESSES above for information on where to submit comments.
    With each comment, please include your name and address, identify 
the docket number at the beginning of your comments, and give the 
reason for each comment. The most helpful comments reference a specific 
portion of the rulemaking, explain the reason for any recommended 
change, and include supporting data. You may submit comments and 
material electronically, in person, by mail, or fax as provided under 
ADDRESSES, but please submit your comments and material by only one 
means. If you submit comments by mail or delivery, submit them in two 
copies, in an unbound format, no larger than 8.5 by 11 inches, suitable 
for copying and electronic filing.
    If you want TSA to acknowledge receipt of comments submitted by 
mail, include with your comments a self-addressed, stamped postcard on 
which the docket number appears. We will stamp the date your comments 
were received on the postcard and mail it to you.
    TSA will file in the public docket all comments received by TSA, 
except for comments containing confidential information and sensitive 
security information (SSI).\1\ TSA will consider all comments received 
on or before the closing date for comments and will consider comments 
filed late to the extent practicable. The docket is available for 
public inspection before and after the comment closing date.
---------------------------------------------------------------------------

    \1\ ``Sensitive Security Information'' or ``SSI'' is information 
obtained or developed in the conduct of security activities, the 
disclosure of which would constitute an unwarranted invasion of 
privacy, reveal trade secrets or privileged or confidential 
information, or be detrimental to the security of transportation. 
The protection of SSI is governed by 49 CFR part 1520.
---------------------------------------------------------------------------

Handling of Confidential or Proprietary Information and Sensitive 
Security Information (SSI) Submitted in Public Comments

    Do not submit comments that include trade secrets, confidential 
commercial or financial information, or SSI to the public regulatory 
docket. Please submit such comments separately from other comments on 
the rulemaking. Comments containing this type of information should be 
appropriately marked as containing such information and submitted by 
mail to the address listed in FOR FURTHER INFORMATION CONTACT section.
    Upon receipt of such comments, TSA will not place the comments in 
the public docket and will handle them in accordance with applicable 
safeguards and restrictions on access. TSA will hold them in a separate 
file to which the public does not have access, and place a note in the 
public docket that TSA has received such materials from the commenter. 
If TSA receives a request to examine or copy this information, TSA will 
treat it as any other request under the Freedom of Information Act 
(FOIA) (5 U.S.C. 552) and the Department of Homeland Security's (DHS) 
FOIA regulation found in 6 CFR part 5.

Reviewing Comments in the Docket

    Please be aware that anyone is able to search the electronic form 
of all comments received into any of our dockets by the name of the 
individual submitting the comment (or signing the comment, if submitted 
on behalf of an association, business, labor union, etc.). You may 
review the applicable Privacy Act Statement published in the Federal 
Register on April 11, 2000 (65 FR 19477), or you may visit https://
dms.dot.gov.
    You may review the comments in the public docket by visiting the 
Dockets Office between 9 a.m. and 5 p.m., Monday through Friday, except 
Federal holidays. The Dockets Office is located

[[Page 48357]]

in the West Building Ground Floor, Room W12-140, at the Department of 
Transportation address, previously provided under ADDRESSES. Also, you 
may review public dockets on the Internet at https://dms.dot.gov.

Availability of Rulemaking Document

    You can get an electronic copy using the Internet by--
    (1) Searching the Department of Transportation's electronic Docket 
Management System (DMS) Web page (https://dms.dot.gov/search);
    (2) Accessing the Government Printing Office's Web page at https://
www.gpoaccess.gov/fr/; or
    (3) Visiting TSA's Security Regulations Web page at https://
www.tsa.gov and accessing the link for ``Research Center'' at the top 
of the page.
    In addition, copies are available by writing or calling the 
individual in the FOR FURTHER INFORMATION CONTACT section. Make sure to 
identify the docket number of this rulemaking.

Abbreviations and Terms Used in This Document

APIS--Advance Passenger Information System
ATSA--Aviation and Transportation Security Act
AOIP--Aircraft Operator Implementation Plan
CBP--U.S. Customs and Border Protection
DHS--Department of Homeland Security 2005 DHS Appropriations Act--
Department of Homeland Security Appropriations Act, 2005
2007 DHS Appropriations Act--Department of Homeland Security 
Appropriations Act, 2007
DHS TRIP--Department of Homeland Security Traveler Redress Inquiry 
Program
FBI--Federal Bureau of Investigation
FOIA--Freedom of Information Act
GAO--Government Accountability Office
HSPD--Homeland Security Presidential Directive
IATA--International Air Transport Association
IRTPA--Intelligence Reform and Terrorism Prevention Act of 2004
PNR--Passenger Name Record
PRI--Passenger Resolution Information
PIA--Privacy Impact Assessment
SFPD--Secure Flight Passenger Data
SSI--Sensitive Security Information
SORN--System of Records Notice
TSA--Transportation Security Administration
TSC--Terrorist Screening Center
TSDB--Terrorist Screening Database

Outline of Notice of Proposed Rulemaking

I. Background
    A. Current Watch List Matching
    1. Watch List Matching for Domestic Flights
    2. Watch List Matching for International Flights
    B. Secure Flight Program Summary
    C. Implementation Stages of Secure Flight
    1. Implementation of Secure Flight for Domestic Flights
    2. Implementation of Secure Flight for International Flights
    D. Privacy Documents
    E. Secure Flight Testing and Information Collection Requirements
    1. Secure Flight Testing
    2. Information Collection Requirements
    F. The Watch List Matching Process Under Secure Flight
    G. Operational Testing of Secure Flight
    H. Proposed Compliance Schedule
    I. Additional Issues Under Consideration and Open to Public 
Comment
    1. Data Elements
    2. Identification Requirements
    J. Department of Homeland Security Appropriations Act
II. Section-by-Section Analysis
III. Regulatory Analyses
    A. Paperwork Reduction Act
    B. Regulatory Impact Analyses
    1. Regulatory Evaluation Summary
    2. Executive Order 12866 Assessment
    3. Regulatory Flexibility Act Assessment
    4. International Trade Impact Assessment
    5. Unfunded Mandates Assessment
    C. Executive Order 13132, Federalism
    D. Environmental Analysis
    E. Energy Impact Analysis
List of Subjects
The Proposed Amendments

I. Background

    TSA performs passenger and baggage screening at the Nation's 
commercial airports.\2\ Aircraft operators currently supplement this 
security screening by performing passenger watch list matching using 
the Federal No Fly and Selectee Lists, as required under security 
directives that TSA issued following the terrorist attacks of September 
11, 2001. Aircraft operators also conduct this watch list matching 
process for non-traveling individuals authorized to enter the sterile 
area \3\ of an airport in order to escort a passenger or for some other 
purpose approved by TSA.
---------------------------------------------------------------------------

    \2\ See the Aviation and Transportation Security Act (ATSA) 
(Pub. L. 107-71, 115 Stat. 597, Nov. 19, 2001).
    \3\ ``Non-traveling individual'' would be defined in this Notice 
of Proposed Rulemaking as an individual to whom a covered aircraft 
operator or covered airport operator seeks to issue an authorization 
to enter the sterile area of an airport in order to escort a minor 
or a passenger with disabilities or for some other purpose permitted 
by TSA. It would not include employees or agents of airport or 
aircraft operators or other individuals whose access to a sterile 
area is governed by another TSA regulation or security directive. 
Proposed 49 CFR 1560.3.
    ``Sterile area'' is defined as a portion of airport defined in 
the airport security program that provides passengers access to 
boarding aircraft and to which the access generally is controlled by 
TSA, or by an aircraft operator under part 1544 of this chapter or a 
foreign air carrier under part 1546 of this chapter, through the 
screening of persons and property. 49 CFR 1540.5.
---------------------------------------------------------------------------

    The Intelligence Reform and Terrorism Prevention Act of 2004 
(IRTPA) requires TSA to assume from air carriers the comparison of 
passenger information to the automatic Selectee and No Fly Lists and to 
utilize all appropriate records in the consolidated and integrated 
watch list that the federal government maintains.\4\ The final report 
of the National Commission on Terrorist Attacks Upon the United States 
(9/11 Commission Report) recommends that the watch list matching 
function ``should be performed by TSA and it should utilize the larger 
set of watch lists maintained by the Federal Government.'' See 9/11 
Commission Report at 393.
---------------------------------------------------------------------------

    \4\ Pub. L. 108-458, 118 Stat. 3638, Dec. 17, 2004.
---------------------------------------------------------------------------

    Consequently, pursuant to Sec.  4012(a) of the IRTPA, TSA is 
issuing this NPRM to propose implementation of the Secure Flight 
program. Under the program, TSA would receive passenger and certain 
non-traveler information from aircraft operators, conduct watch list 
matching, and transmit watch list matching results back to aircraft 
operators.
    The purpose of the Secure Flight program is to assume the watch 
list matching function from aircraft operators and to more effectively 
and consistently prevent certain known or suspected terrorists from 
boarding aircraft where they may jeopardize the lives of passengers and 
others. The program is designed to better focus enhanced passenger 
screening efforts on individuals likely to pose a threat to civil 
aviation, and to facilitate the secure and efficient travel of the vast 
majority of the traveling public by distinguishing them from 
individuals on the watch list.
    In general, the Secure Flight program would compare passenger 
information only to the No Fly and Selectee List components of the 
Terrorist Screening Database (TSDB), which contains the Federal 
Government's consolidated terrorist watch list, maintained by the 
Terrorist Screening Center (TSC).\5\ However, as recommended by the 9/
11

[[Page 48358]]

Commission, TSA may use ``the larger set of watch lists maintained by 
the Federal Government,'' when warranted by security considerations. 
For example, TSA may learn that flights on a particular route may be 
subject to increased security risk. If this happens, TSA may decide to 
compare passenger information on some or all of the flights on that 
route against the full TSDB or other government databases, such as 
intelligence or law enforcement databases.
---------------------------------------------------------------------------

    \5\ The TSC was established by the Attorney General in 
coordination with the Secretary of State, the Secretary of Homeland 
Security, the Director of the Central Intelligence Agency, the 
Secretary of the Treasury, and the Secretary of Defense. The 
Attorney General, acting through the Director of the Federal Bureau 
of Investigation (FBI), established the TSC in support of Homeland 
Security Presidential Directive 6 (HSPD-6), dated September 16, 
2003, which required the Attorney General to establish an 
organization to consolidate the Federal Government's approach to 
terrorism screening and provide for the appropriate and lawful use 
of terrorist information in screening processes.
---------------------------------------------------------------------------

    This proposed rule would affect covered flights operated by U.S. 
aircraft operators that are required to have a full program under 49 
CFR 1544.101(a), and covered flights operated by foreign air carriers 
that are required to have a security program under 49 CFR 1546.101(a) 
or (b). These aircraft operators generally are the passenger airlines 
that offer scheduled and public charter flights from commercial 
airports. This proposed rule refers to them as ``covered U.S. aircraft 
operators'' and ``covered foreign air carriers'' respectively, and 
``covered aircraft operators'' collectively.
    The proposed rule would cover all flights conducted by covered U.S. 
aircraft operators, as well as all flights conducted by a covered 
foreign air carrier arriving in or departing from the United States or 
overflying the continental United States (referred to as ``covered 
international flights''). TSA is proposing to conduct watch list 
matching for overflights in order to protect the United States from 
terrorist activity that could occur in its airspace. The proposed rule 
collectively refers to the flights conducted by U.S. carriers and 
covered international flights that would be regulated under this 
proposed rule as ``covered flights.''
    IRTPA also requires DHS to assume from air carriers the task of 
comparing passenger information for international flights to or from 
the United States against the Federal Government's consolidated and 
integrated terrorist watch list before departure of such flights. 
Initially, CBP will implement this requirement and conduct pre-
departure watch list matching for international flights, through its 
Advance Passenger Information System (APIS). APIS is a widely-utilized 
electronic data interchange system that international commercial air 
and vessel carriers use to electronically transmit to CBP certain data 
on passengers and crew members. The former U.S. Customs Service, in 
cooperation with the former Immigration and Naturalization Service 
(INS) and the airline industry, developed APIS in 1988. On July 14, 
2006, CBP published a notice of proposed rulemaking to require air and 
vessel carriers to submit to CBP passenger manifest information before 
departure of an international flight to or from the United States and 
for voyages from the United States to enable CBP to conduct watch list 
matching on passengers before they board an international flight or 
depart on certain voyages.\6\
---------------------------------------------------------------------------

    \6\ 71 FR 40035.
---------------------------------------------------------------------------

    In response to a substantial number of comments from the aviation 
industry, DHS is proposing a unified approach to watch list matching 
for international and domestic passenger flights, to avoid unnecessary 
duplication of watch list matching efforts and resources and reduce the 
burden on aircraft operators. CBP's APIS Pre-Departure Final Rule 
published elsewhere in this issue of the Federal Register and this 
notice of proposed rulemaking (NPRM) are being published jointly to 
explain DHS's proposed unified approach. Beginning on the effective 
date of the APIS Pre-Departure final rule, CBP will perform the watch 
list matching function for international flights to or from the United 
States as part of its overall screening of travelers. However, DHS 
proposes to ultimately transfer the watch list matching function to the 
Secure Flight program. If this approach is adopted, TSA would assume 
the aviation passenger watch list matching function for domestic and 
international passengers covered by this proposed rule, and CBP would 
continue to conduct border enforcement functions under the APIS 
program. DHS is establishing one portal through which aircraft 
operators will send their passenger information for both programs, with 
the goal of streamlining the transmission of passenger information, if 
the unified approach is adopted.

A. Current Watch List Matching

1. Watch List Matching for Domestic Flights
    Under security directives issued by TSA, covered U.S. aircraft 
operators currently conduct pre-flight watch list matching for 
passengers on domestic flights using the Federal No Fly and Selectee 
Lists. Aircraft operators also apply this process to non-traveling 
individuals authorized to enter the sterile area beyond the screening 
checkpoint in order to escort a minor or a passenger with disabilities, 
or for another purpose authorized by TSA.
    Under the current watch list matching process, when an aircraft 
operator has a reservation from a passenger with a name that is the 
same as, or similar to, a name on the No Fly List, TSA requires the 
aircraft operator to notify law enforcement personnel and TSA in order 
to determine whether that passenger is in fact the individual whose 
name is on the No Fly List. If the passenger is verified as an 
individual on the No Fly List, the aircraft operator is prohibited from 
transporting the passenger. When an aircraft operator has a reservation 
from a passenger with a name that is the same as, or similar to, a name 
on the Selectee List, TSA requires the aircraft operator to identify 
the individual to TSA for enhanced screening at security screening 
checkpoints.\7\
---------------------------------------------------------------------------

    \7\ Individuals may undergo enhanced screening at security 
screening checkpoints for a variety of other reasons, such as random 
selection or as a result of triggering a metal detector alarm.
---------------------------------------------------------------------------

2. Watch List Matching for International Flights
    Covered aircraft operators also currently conduct watch list 
matching for passengers on international flights in the same manner 
described above for domestic flights as required in TSA security 
directives and emergency amendments to a security program. 
Additionally, CBP conducts various activities, including watch list 
matching, to screen passengers on commercial international flights 
arriving in and departing from the United States through the Advance 
Passenger Information System (APIS). CBP conducts such activities in 
order to protect the United States from threats of terrorism and to 
carry out CBP's border enforcement mission.
    Under CBP's APIS regulations (19 CFR part 122), air carriers 
departing foreign ports destined for the United States are required to 
electronically submit passenger information to CBP no later than 
fifteen minutes after the departure of aircraft destined for the United 
States and 15 minutes prior to departure of aircraft from the United 
States. ``Departure'' currently is defined to be the moment the 
aircraft's wheels leave the tarmac. See 19 CFR 122.49. The current 
system allows CBP to supplement the watch list matching currently 
completed by air carriers prior to boarding. If CBP's screening 
identifies that a person on a no-fly list is on an aircraft bound for, 
or departing from, the United States, that aircraft will be diverted 
from its intended destination.
    In this volume of the Federal Register, CBP is publishing a final 
rule entitled ``Advance Electronic Submission of Passenger and Crew 
Member Manifests for Commercial

[[Page 48359]]

Aircraft and Vessels'' (APIS Pre-Departure Final Rule). This rule, 
which becomes effective 180 days after publication, will require air 
carriers to provide the passenger information it currently provides to 
CBP, but requires air carriers to provide it no later than the time the 
flight crew secure the aircraft doors for takeoff.
    When commercial air carriers are certified to transmit APIS data 
under the pre-departure APIS requirements of the new APIS Pre-Departure 
Final Rule, CBP will assume from those carriers the responsibility of 
conducting pre-departure watch list matching for international flights 
to or from the United States. Once CBP receives the information, it 
will complete the watch list matching process and return instructions 
concerning each passenger to the covered aircraft operators. Covered 
aircraft operators will be required to follow the instructions when 
issuing boarding passes to passengers, identifying passengers for 
enhanced screening, and allowing passengers to board the aircraft or 
preventing them from doing so. If the Secure Flight program is 
finalized as envisioned in this proposed rule, it will take over this 
watch list matching function for aircraft operators covered under this 
proposed rule from CBP.

B. Secure Flight Program Summary

1. Secure Flight Passenger Data
    Under the Secure Flight program proposed under this rule, TSA would 
require covered aircraft operators to collect information from 
passengers, transmit passenger information to TSA for watch list 
matching purposes, and process passengers in accordance with TSA 
instructions regarding watch list matching results. Under this proposed 
rule, TSA would collect Secure Flight Passenger Data (SFPD), consisting 
of the information summarized below (and discussed in greater detail in 
section I.E.2 ``information collection requirements'' infra).
    For passengers on covered flights, TSA is proposing to require 
covered aircraft operators to request a passenger's full name, gender, 
date of birth, and Redress Number \8\ (if available) or known traveler 
number \9\ (if available once the known traveler program is 
implemented). Even though covered aircraft operators would be required 
to request all of the above data elements from passengers, passengers 
would only be required to provide their full name at the time of 
reservation to allow TSA to perform watch list matching. They would not 
be required by TSA to provide the other data elements to aircraft 
operators at the time of reservation. Covered aircraft operators would 
be required to transmit to TSA the information provided by the 
passenger in response to the request described above.
---------------------------------------------------------------------------

    \8\ A Redress Number is a unique number that DHS currently 
assigns to individuals who use the DHS Traveler Redress Inquiry 
Program (TRIP). Under the proposed rule, individuals would use the 
Redress Number in future correspondence with DHS and when making 
future travel reservations. The Redress Number is further discussed 
in the Secure Flight Information Collection Requirements section 
below.
    \9\ A known traveler number would be a unique number assigned to 
``known travelers'' for whom the Federal Government has already 
conducted a threat assessment and has determined do not pose a 
security threat. The known traveler number is further discussed in 
the Secure Flight Information Collection Requirements section.
---------------------------------------------------------------------------

    Covered aircraft operators also would be required to transmit to 
TSA passport information, if available. Although not required to be 
requested by TSA under this proposed rule, passport information may be 
provided by passengers either voluntarily or under other travel 
requirements such as CBP APIS requirements if a passenger is traveling 
abroad. Additionally, covered aircraft operators would be required to 
transmit to TSA certain non-personally identifiable information such as 
itinerary information, record locator numbers etc. to allow TSA to 
effectively prioritize watch list matching efforts, communicate with 
the covered aircraft operator, and facilitate an operational response, 
if necessary, to an individual who is on the watch list.
    When a non-traveling individual seeks authorization from a covered 
aircraft operator to enter an airport sterile area (such as to escort a 
minor or assist a passenger with a disability), TSA also is proposing 
to require covered aircraft operators to request from the non-traveler 
and transmit to TSA, the same information requested from passengers (to 
the extent available), as well as certain non-personally identifiable 
information, including the airport code for the sterile area to which 
the non-traveler seeks access.
    The following chart details the information that TSA would require 
covered aircraft operators to request from passengers and certain non-
traveling individuals, the information that those individuals would be 
required to provide, and the information covered aircraft operators 
would be required to transmit to TSA if available:

                         Proposed Information Collection Requirements for Secure Flight
----------------------------------------------------------------------------------------------------------------
                                                          Covered aircraft
                                                           operators must     Passengers and    Covered aircraft
                                                            request from       certain non-      operators must
                     Data elements                        passengers  and     travelers must    transmit to TSA,
                                                            certain non-         provide          if available
                                                             travelers
----------------------------------------------------------------------------------------------------------------
Full Name..............................................                 X                  X                  X
Date of Birth..........................................                 X   .................                 X
Gender.................................................                 X   .................                 X
Redress Number or Known Traveler Number................                 X   .................                 X
Passport Information \10\..............................  .................  .................                 X
Itinerary Information \11\.............................  .................  .................                 X
Reservation Control Number.............................  .................  .................                 X
Record Sequence Number.................................  .................  .................                 X
Record Type............................................  .................  .................                 X
Passenger Update Indicator.............................  .................  .................                 X
Traveler Reference Number..............................  .................  .................                 X
----------------------------------------------------------------------------------------------------------------

    This proposed rule would not compel the passenger or non-traveler 
to provide the majority of the information that covered aircraft 
operators request. However, if that individual elected not to provide 
the requested information,

[[Page 48360]]

TSA may have insufficient information to distinguish him or her from a 
person on the watch list. Accordingly, the individual may be more 
likely to experience delays, be subject to additional screening, be 
denied transport, or be denied authorization to enter a sterile area. 
Without a full name, watch list matching is incredibly unreliable; 
therefore the proposed rule would require an individual seeking to 
travel on a covered flight or authorization to enter a sterile area to 
provide his or her full name, as it appears on the individual's 
verifying identity document. The proposed rule would also prohibit 
covered aircraft operators from accepting a reservation, or accepting a 
request for authorization to enter a sterile area, from an individual 
who does not provide a full name.
---------------------------------------------------------------------------

    \10\ Passport information is the following information from a 
passenger's passport: (1) Passport number; (2) country of issuance; 
(3) expiration date; (4) gender; (5) full name.
    \11\ Itinerary information is the following information about a 
covered flight: (1) Departure airport code; (2) aircraft operator; 
(3) departure date; (4) departure time; (5) arrival date; (6) 
scheduled arrival time; (7) arrival airport code; (8) flight number; 
(9) operating carrier (if available). For non-traveling individuals, 
the itinerary information is the airport code for the sterile area 
to which the non-traveling individual seeks access.
---------------------------------------------------------------------------

2. 72-Hour Requirement
    Under the Secure Flight proposed rule, covered aircraft operators 
would be required to transmit Secure Flight Passenger Data to TSA 
approximately 72 hours prior to the scheduled flight departure 
time.\12\ Requiring SFPD approximately 72 hours prior to scheduled 
flight departure time would support the security mission of the Secure 
Flight program and facilitate a streamlined watch list matching process 
for aircraft operators and passengers in at least the following ways.
---------------------------------------------------------------------------

    \12\ In the APIS Pre-Departure Final Rule, CBP also encourages, 
but does not mandate, all carriers to submit the information up to 
72 hours in advance when available, to facilitate clearance.
---------------------------------------------------------------------------

    TSA considered a number of factors in determining that aircraft 
operators should submit SFPD to TSA approximately 72 hours before 
scheduled flight departure time. TSA reviewed reservation trend 
analyses which indicates that, on average, an estimated 90-93% of 
travel reservations are finalized and become stable (e.g. not subject 
to cancellation or timing changes) 72 hours before the scheduled flight 
departure time. Accordingly, TSA determined that it would not be 
practicable to require aircraft operators to submit information earlier 
than 72 hours prior to flight departure time, as such information would 
still be subject to change and would not provide sufficiently reliable 
information for TSA to begin watch list matching or engage in any 
necessary coordination with law enforcement.
    During a standard travel day, TSA estimates that over 2.4 million 
passengers use covered aircraft operators for domestic and 
international travel (either destined for or departing from the United 
States). Although approximately 99% of passenger travel reservations 
would be finalized within 24 hours of the departure of any flight, 24 
hours would not provide TSA with sufficient time to adequately screen 
2.4 million passengers and, when necessary, coordinate operational 
responses in the event of identification of a terrorist suspect or as 
needed to identify and disrupt a suspected terrorist plot potentially 
involving a variety of flights or aircraft operators, foreign or 
domestic.
    It is important to note that, in any one day, TSA would be 
conducting watch list matching on not only the 2.4 million travelers 
for one designated travel day, but TSA also would continue to conduct 
watch list matching for the 2.4 million travelers for each of the two 
days before the date of departure of the flight. In total, over a 72-
hour period, TSA could be conducting watch list matching for up to 7.2 
million travelers traveling within a 72-hour period.
    Accordingly, TSA is proposing that covered aircraft operators 
submit SFPD approximately 72 hours in advance.
    Security benefits. A 72-hour period would provide the significant 
security benefit of allowing the U.S. government to coordinate an 
operational response to a match on a watch list--not only before the 
flight departs, but even in advance of the individual's arrival at the 
airport. Also, TSA could provide a single watch list matching solution 
for both domestic and international flights, because TSA would have the 
time to prioritize the domestic and international watch list matching 
workload and accommodate last-minute reservations and changes.
    Benefits to covered aircraft operators and passengers. The 72-hour 
period would also allow TSA to complete watch list matching in time to 
allow covered aircraft operators to begin issuing boarding passes to 
passengers 24 hours prior to departure. Watch list matching that takes 
place immediately prior to the flight's departure, such as that allowed 
by CBP's APIS rule, would not allow TSA to communicate with covered 
aircraft operators regarding the issuance of boarding passes 24 hours 
prior to departure. Additionally, passengers' travel experiences would 
be enhanced because TSA would use that time to adjudicate potential 
watch list matches and coordinate with other government agencies as 
necessary, to resolve as many false positives as possible before such 
individuals arrive at the airport or experience delay or inconvenience.
    TSA welcomes public comment on this timeframe, as well as on 
alternate timeframes, and will consider these comments in the 
development of the final rule. As always, comments that include an 
analytical justification are most useful.
3. Instructions to Covered Aircraft Operators
    TSA would match the SFPD provided by covered aircraft operators 
against the watch list. Based on the watch list matching results, TSA 
would instruct an aircraft operator to process the individual in the 
normal manner, to identify the individual for enhanced screening at a 
security checkpoint, or to deny the individual transport or 
authorization to enter the airport sterile area. To ensure the 
integrity of the boarding pass instructions and to prevent use of 
fraudulent boarding passes, TSA would also provide instructions on 
placing codes on the boarding passes. Covered aircraft operators would 
be required to comply with the TSA instructions.
4. Summary of Requirements
    A brief summary of the requirements proposed in this NPRM is 
presented below. A detailed explanation of these requirements is 
provided in the Section-by-Section Analysis.
     Requirements of Covered Aircraft Operators. This proposed 
rule would require aircraft operators that conduct certain scheduled 
and public charter flights to:
     Submit an Aircraft Operator Implementation Plan (AOIP) to 
TSA for approval.
     Conduct operational testing with TSA.
     Request full name, date of birth, gender, and Redress 
Number (if available) or known traveler number (if implemented and 
available) from passengers and non-traveling individuals.
     Transmit Secure Flight Passenger Data for passengers and 
non-traveling individuals, in accordance with the aircraft operator's 
AOIP, approximately 72 hours prior to the scheduled flight departure 
time.
     Make a privacy notice available on public Web sites and 
self-service kiosks before collecting any personally identifiable 
information from passengers or non-traveling individuals.

[[Page 48361]]

     Request a verifying identity document at the airport 
ticket counter if TSA has not informed the covered aircraft operator of 
the results of watch list matching for an individual by the time the 
individual attempts to check-in, or informs the covered aircraft 
operator that an individual must be placed on inhibited status and may 
not be issued a boarding pass or authorization to enter a sterile area. 
A verifying identity document is one that has been issued by a Federal, 
State, local, or tribal government that contains the individual's full 
name, photo, and date of birth, and is non-expired; though a non-
expired passport issued by a foreign government will also be considered 
a verifying identity document. This requirement would be in addition to 
the current requirement that aircraft operators request all passengers 
and non-traveling individuals to provide identification at the time of 
check-in or at a screening checkpoint.
     When necessary, submit information from the verifying 
identity document to TSA to resolve potential watch list matches. In 
some cases, TSA may also request that the covered aircraft operator 
communicate a physical description of the individual.
     Not issue to an individual a boarding pass or 
authorization to enter a sterile area or permit an individual to board 
an aircraft or enter a sterile area if the individual does not provide 
a verifying identity document when requested under circumstances 
described above, unless otherwise authorized by TSA.
     Prohibit issuance of boarding passes or authorizations to 
enter a sterile area to individuals whom TSA has placed on inhibited 
status. Prohibit these individuals from boarding an aircraft.
     Comply with instructions from TSA to designate identified 
individuals for enhanced screening before boarding a flight or 
accessing a sterile area.
     Place separate codes on boarding passes in accordance with 
TSA instructions.
     Requirements of Individuals. Individuals who wish to make 
a reservation on a covered flight or to access a sterile area must 
provide their full names to the covered aircraft operators. This 
proposed rule would require those passengers and non-traveling 
individuals for whom TSA has not provided watch list matching results 
or has provided inhibited status to present a verifying identity 
document, in order to board an aircraft or to enter a sterile area. 
Individuals also would continue to be subject to the current 
requirement that aircraft operators request all passengers and non-
traveling individuals to provide identification at the time of check-in 
or at a screening checkpoint.
     Government Redress Procedures Available to Individuals. 
This proposed rule explains the redress procedures for individuals who 
believe they have been improperly or unfairly delayed or prohibited 
from boarding a flight as a result of the Secure Flight program. These 
individuals may seek assistance through the redress process by 
submitting certain personal information, as well as copies of certain 
identification documents, to the existing DHS Traveler Redress Inquiry 
Program (DHS TRIP). The proposed rule explains the process the Federal 
Government will use to review the information submitted and to provide 
a timely written response.

C. Implementation Stages of Secure Flight

    TSA proposes to implement this rule in two stages. The first stage 
would include covered flights between two domestic points in the United 
States, and the second stage would include covered flights to or from 
the United States, flights that overfly the continental United States, 
and all other flights (such as international point-to-point flights) 
operated by covered U.S. aircraft operators not covered in the first 
stage.
1. Implementation of Secure Flight for Domestic Flights
    During the first stage of implementation, TSA would assume the 
watch list matching function for domestic flights conducted by covered 
U.S. aircraft operators. TSA would conduct operational testing with 
each covered U.S. aircraft operator to ensure that the aircraft 
operator's system is compatible with TSA's system. After successful 
operational testing with a covered U.S. aircraft operator, TSA would 
assume the watch list matching function for domestic flights from that 
aircraft operator.
2. Implementation of Secure Flight for International Flights
    Until TSA implements the Secure Flight program for international 
flights by covered aircraft operators, DHS plans for CBP to conduct 
pre-departure watch list matching for international flights under the 
APIS Pre-Departure Final Rule. This interim approach will allow DHS to 
more quickly address the threat of terrorism on flights arriving in and 
departing from the United States.
    During the second stage of Secure Flight implementation, TSA will 
assume the watch list matching function for covered international 
flights from CBP. There are a few differences between the two 
processes. First, covered aircraft operators would need to request 
passenger information at the time of reservation, as required under 
this proposed rule. Second, as described below, TSA would utilize 
Secure Flight Passenger Data, which requires collection of different 
data elements than under the APIS regulations. For its non-watch list 
matching functions, which CBP will continue to perform under the APIS 
rule, CBP would continue to collect APIS data. Given this, and to 
provide a single point of contact, covered aircraft operators can 
transmit both APIS data and Secure Flight Passenger Data in a single 
transmission to the DHS portal, which will route information to TSA and 
CBP as appropriate.
    The following tables list the data elements that CBP will collect 
under its APIS regulations, and that TSA will collect under the Secure 
Flight program.

------------------------------------------------------------------------
                                    APIS  regulations
           Data elements              (international     Secure flight
                                      flights) \13\        NPRM \14\
------------------------------------------------------------------------
Full Name.........................                 X                  X
Date of Birth.....................                 X                  X
Gender............................                 X                  X
Redress Number or Known Traveler    .................                 X
 Number...........................
Passport Number*..................                 X                  X
Passport Country of Issuance*.....                 X                  X
Passport Expiration Date*.........                 X                  X
Passenger Name Record Locator.....                 X   .................
International Air Transport                        X                  X
 Association (IATA) Foreign
 Airport Code--place of
 origination......................

[[Page 48362]]

 
IATA Code--Port of First Arrival..                 X                  X
IATA Code of Final Foreign Port                    X   .................
 for In-transit Passengers........
Airline Carrier Code..............                 X                  X
Flight Number.....................                 X                  X
Date of Aircraft Departure........                 X                  X
Time of Aircraft Departure........                 X                  X
Date of Aircraft Arrival..........                 X                  X
Scheduled Time of Aircraft Arrival                 X                  X
Citizenship.......................                 X   .................
Country of Residence..............                 X   .................
Status on Board Aircraft..........                 X   .................
Travel Document Type..............                 X   .................
Alien Registration Number**.......                 X
Address While in U.S.--(except for                 X   .................
 outbound flights, U.S. citizens,
 lawful permanent residents, crew
 and intransit passengers)........
Reservation Control Number........  .................                 X
Record Sequence Number............  .................                 X
Record Type.......................  .................                 X
Passenger update indicator........  .................                 X
Traveler Reference Number.........  .................                 X
------------------------------------------------------------------------
*If required.
**If applicable.

    TSA would require covered aircraft operators to transmit to TSA the 
available passenger information required under this proposed rule that 
resides in covered aircraft operators' systems. Covered aircraft 
operators must submit this information, through the same DHS portal 
used for APIS submissions, approximately 72 hours before departure of a 
covered flight. Those that elect to transmit all manifest information 
required under the Pre-Departure APIS rule at the same time would be 
able to send a single transmission to DHS for the Secure Flight and 
Pre-Departure APIS programs and would receive a single boarding pass 
printing instruction in return. Under the APIS regulations, such 
aircraft operators would then be required to validate the information 
submitted against the individual's passport or other travel document 
and transmit passenger information to DHS only if it is different from 
the information previously submitted, no later than 30 minutes prior to 
or up to the securing of the doors of an aircraft under CBP's APIS Pre-
Departure rule.
---------------------------------------------------------------------------

    \13\ All APIS data elements are required.
    \14\ Covered aircraft operators must provide data elements 
listed for Secure Flight, to the extent they are available.
---------------------------------------------------------------------------

    Covered aircraft operators that do not elect to transmit all 
manifest information required under the Pre-Departure APIS rule 
approximately 72 hours in advance would submit validated APIS 
information no later than 30 minutes prior to or up to the securing of 
the doors of an aircraft under CBP's Pre-Departure APIS rule. The 
aircraft operator would only receive a boarding pass printing 
instruction from DHS after the APIS transmission if the transmitted 
APIS data differs from the SFPD that was transmitted 72 hours prior to 
departure.
    Additionally, for reservations made within 72 hours of scheduled 
flight departure time, covered aircraft operators would be required to 
transmit Secure Flight Passenger Data as soon as possible. If the 
covered aircraft operator is also ready to transmit APIS information at 
that time, the covered aircraft operator would be able to send one 
transmission for both Secure Flight and Pre-Departure APIS and would 
receive one boarding pass printing instruction. If the covered aircraft 
operator is not ready to transmit passenger under Pre-Departure APIS at 
the same time, the covered aircraft operator would be required to 
transmit the passenger information separately for Secure Flight and 
APIS.
    Covered aircraft operators would use the same portal to transmit 
Secure Flight Passenger Data to TSA as they will to transmit APIS data 
to CBP. Covered U.S. aircraft operators would not need to undergo 
additional operational testing during the second phase, because they 
would have already conducted operational testing with TSA during the 
first phase. TSA, however, would need to conduct operational testing 
with the covered foreign air carriers, which would not have previously 
conducted operational testing with TSA, to confirm that the Secure 
Flight process operates properly from end-to-end with these carriers.
    Once TSA assumes responsibility under Secure Flight for the watch 
list matching function for the majority of passengers covered by the 
APIS regulation, CBP would no longer be responsible for pre-departure 
watch list matching or the issuance of related boarding pass printing 
instructions for covered flights. Consequently, covered aircraft 
operators would receive, and would have to comply with, one set of 
instructions from DHS, via TSA, regarding the issuance of boarding 
passes to or the boarding of passengers on covered international 
flights. CBP would, however, continue to require carriers to provide 
APIS data to carry out its border enforcement mission. CBP would 
continue to require covered aircraft operators and passengers to comply 
with CBP's APIS regulations, including passengers presenting their 
passports or other required travel documents at the airport to the 
aircraft operators in order for the aircraft operator to verify the 
APIS information and to transmit it to CBP if the APIS information was 
not previously transmitted or if the verified APIS information is 
different from the information previously transmitted.
    In some international airports, passengers may transit from one 
international flight to another, where the flights are operated by 
different aircraft operators and only the second flight would be a 
covered flight under this proposed rule. TSA understands that 
currently, in these situations, the aircraft operator operating the 
first flight

[[Page 48363]]

may issue a boarding pass for both legs of the passenger's itinerary, 
including the flight to the United States. Under this proposed rule, 
the aircraft operator operating the first flight would not be able to 
issue a boarding pass for the second flight until that aircraft 
operator received an appropriate boarding pass printing instruction 
from TSA. This would allow TSA to minimize the security risk of 
allowing passengers who have not yet been compared against the watch 
list to have access to aircraft and the secure area of an airport. TSA 
is seeking comment on this proposed requirement.

D. Privacy Documents

    TSA is committed to safeguarding individuals' privacy in conducting 
the Secure Flight Program to the greatest extent possible. In 
conjunction with this NPRM, TSA is publishing a Privacy Impact 
Assessment (PIA) for the Secure Flight Program, a Privacy Act System of 
Records Notice (SORN), DHS/TSA 019, and an NPRM proposing Privacy Act 
exemptions for the Secure Flight Program. All three documents outline 
how TSA would collect, use, store, protect, and retain personally 
identifiable information collected and used as part of the Secure 
Flight Program and identify the privacy risks and mitigation measures 
that would be employed to reduce or eliminate privacy risks, such as 
false positive matches or insufficient safeguards for the information. 
All three documents are available at https://www.tsa.gov and the SORN 
and the NPRM proposing the Privacy Act exemptions will be published in 
the Federal Register. TSA invites public comments on the SORN and NPRM 
proposing Privacy Act exemptions. TSA will respond to public comments 
received on the PIA, SORN, and NPRM through the rulemaking process and 
revise the respective documents as appropriate.
    TSA has developed a comprehensive approach to promoting compliance 
with the Fair Information Practices codified in the Privacy Act of 
1974, the E-Government Act of 2002, DHS and TSA privacy policies, and 
Office of Management and Budget (OMB) privacy guidance. Comprehensive 
privacy requirements are being included in the program requirements to 
allow TSA to identify privacy issues and risks at each phase of the 
program and implement privacy principles across Secure Flight systems 
and operations. The Secure Flight program has designated an individual 
to work closely with the TSA Director of Privacy Policy and Compliance 
as well as the DHS Chief Privacy Officer to promote compliance with the 
published documents for the program, including the SORN and the PIA. 
This individual would also routinely monitor and review the operations 
that authorized users perform on personal information according to a 
schedule to be determined and will be responsible for the 
implementation of the privacy program.
    The Secure Flight program seeks to balance the competing interests 
of data collection minimization and reduction of false positives 
through individual choice. TSA has limited the proposed information 
collection requirements for Secure Flight to the data elements TSA 
believes are minimally necessary for effective watch list matching of 
aviation passengers, as discussed in Section E.2. below. The proposed 
rule leaves individuals with the choice to decline to provide certain 
data elements. For the vast majority of individuals, a decision to 
forgo providing these data elements should have no effect on their 
watch list matching results and will result in less information being 
held by TSA. For some individuals, however, TSA may be unable to 
perform effective automated watch list matching without this 
information and, as a result, those individuals may be more likely to 
be subject to additional screening or be denied boarding or 
authorization to enter a sterile area.
    The Secure Flight Program also would mitigate the privacy risk of 
false positive matches to the watch list by supplementing the initial 
automated comparison with a manual assessment conducted by a Secure 
Flight analyst, but only if necessary to complete the watch list 
matching process. Individuals will be provided with the opportunity 
under the DHS Traveler Redress Inquiry Program (TRIP) redress process 
and under the Privacy Act of 1974 to access and correct personal 
information, subject to the Privacy Act exemptions proposed for Secure 
Flight records and other applicable legal constraints. Secure Flight 
would not utilize commercial data to verify identities, nor would it 
use algorithms to assign risk scores to individuals.
    TSA is proposing to retain records for most individuals encountered 
by Secure Flight for a short period of time.\15\ The vast majority of 
records are expected to be destroyed within seven (7) days of 
completion of directional travel.\16\ Records for individuals not 
identified as potential matches by the automated matching tool would be 
retained for seven days after the completion of the individual's 
directional travel for audit purposes. Records for individuals who are 
potential matches would be retained for seven years after the 
completion of the individual's directional travel. These records would 
be available if needed as part of the redress process and, as a result, 
may help to expedite future travel. Records concerning confirmed 
matches are expected to be retained for 99 years. This retention period 
is consistent with TSC's NARA-approved records retention schedule for 
TSDB records. In case of a terrorist event, records concerning the 
event, which may possibly include passenger information, would be 
retained in accordance with a separate TSA record retention schedule 
covering major security incident records. This information would be 
retained to support the investigation and documentation of a terrorist 
event. Such records would be maintained in accordance with applicable 
SORNs, DHS/TSA 001, Transportation Security Enforcement Records System, 
69 FR 71818, 71829 (December 10, 2004) and DHS/TSA 011, Transportation 
Security Intelligence Service Operations Files, 69 FR 71828, 71835 
(December 10, 2004).
---------------------------------------------------------------------------

    \15\ The retention schedule will be submitted for approval to 
the National Archives and Records Administration (NARA). TSA will 
retain the records in accordance with the retention schedule 
approved by NARA.
    \16\ Directional travel means the individual's one-way travel to 
his or her destination.
---------------------------------------------------------------------------

    The Secure Flight Program would further minimize potential privacy 
risks by integrating administrative, technical, and physical security 
safeguards to limit collection of personally identifiable information 
and to protect information against unauthorized disclosure, use, 
modification or destruction. Specifically, administrative safeguards 
will restrict the permissible uses of personal information and 
implement the controls for adherence to those uses. As part of 
technical safeguards employed, Secure Flight will employ role-based 
access controls and audit logging (that is, the chronicling of 
information accesses and uses of information) to control and monitor 
the use of personal information. Further, all personnel who will be 
authorized to handle personal information for the Secure Flight program 
will be required to complete TSA privacy training when they join the 
program and on at least an annual basis thereafter. Personal 
information will only be disclosed to, and used by, authorized 
individuals who have a need to know the information in order to perform 
their duties. These safeguards will further minimize the potential 
privacy risk that personal information may be improperly used. The PIA

[[Page 48364]]

addresses all of these safeguards in more detail.
    TSA will issue an amended PIA and a revised SORN in conjunction 
with the Secure Flight Final Rule if necessary. Although not required, 
covered aircraft operators may voluntarily choose to begin testing with 
TSA prior to TSA publishing a final rule. The PIA and the SORN would 
cover any testing between an aircraft operator and TSA including both 
domestic and international flights.

E. Secure Flight Testing and Information Collection Requirements

    After initial Secure Flight testing described below, TSA has 
limited the proposed information collection requirements for Secure 
Flight to the data elements TSA believes are minimally necessary for 
aviation passenger watch list matching. In making this determination, 
TSA balanced the privacy interest in minimizing the collection of 
personal information with the security need to conduct effective watch 
list matching, without unnecessarily delaying innocent individuals due 
to false positive watch list matches.
1. Secure Flight Testing
    Prior to initiating this rulemaking, TSA performed testing of the 
agency's ability to conduct automated watch list matching for purposes 
of the Secure Flight program and separately, testing to determine 
whether the use of commercial data would be effective in identifying 
passenger information that is incorrect or inaccurate. On September 24, 
2004, TSA published in the Federal Register a number of documents 
necessary to allow the agency to begin testing the Secure Flight 
program. These documents included: (1) A proposed order to U.S. 
aircraft operators directing them to provide a limited set of 
historical passenger name records (PNRs) to TSA for use in testing the 
program (69 FR 57342); (2) a Privacy Act System of Records Notice for 
records involved in testing the program (69 FR 57345); and (3) a 
Privacy Impact Assessment (PIA) of program testing (69 FR 57352[0]).
    On November 15, 2004, after reviewing the comments received in 
response to these documents, TSA published in the Federal Register the 
final order directing U.S. aircraft operators to provide to TSA, by 
November 23, 2004, a limited set of historical PNRs for testing of the 
Secure Flight program.\17\ TSA also published revisions to the system 
of records notice and the Privacy Impact Assessment (PIA) on June 22, 
2005,\18\ to make clear that the purpose of commercial data testing was 
``to test the Government's ability to verify the identities of 
passengers using commercial data and to improve the efficacy of watch 
list comparisons by making passenger information more complete and 
accurate using commercial data.''
---------------------------------------------------------------------------

    \17\ 69 FR 65619.
    \18\ 70 FR 36320.
---------------------------------------------------------------------------

    After reviewing the results of the testing and the comments 
received concerning the testing, TSA determined that it will not use 
commercial data in the program. This decision is consistent with 
Section 514(f) of the Department of Homeland Security Appropriations 
Act, 2007 (2007 DHS Appropriations Act), Public Law 109-295 (Oct. 4, 
2006), which currently prohibits TSA from using appropriated funds on 
data or a database that is obtained from, or remains under the control 
of, a non-Federal entity (other than passenger information from 
aircraft operators) for the Secure Flight program.
2. Information Collection Requirements
    Based on the automated watch list matching test results and TSA's 
experience in conducting security threat assessments that include watch 
list matching, TSA has carefully selected the personal information that 
TSA believes is necessary to conduct effective watch list matching for 
aviation passengers. Consequently, u