TSA Privacy: Agency Scraps Bluetooth Tracking Plan Over Privacy Concerns

When it comes to unpopular federal agencies, the Transportation Security Administration may be the least favorite of the bunch. A recent, somewhat dubious — and now scrapped — initiative it tested with the reported intention of saving passengers time isn't helping the agency win the hearts of flyers. 

The TSA, created in response to the September 11, 2001, attacks, is on the receiving end of a constant barrage of criticism, and with good measure: While implementing ever-tightening security measures, the TSA has been repeatedly shown to let big-ticket threats like a gun and test bombs through its security checkpoints. The agency's enhanced screening measures, which use an x-Ray to look for items hidden under clothing and allow agents to pat down passengers' thighs and groins more thoroughly, are a privacy concern for travelers and rights groups. 

By far the most common gripe against the TSA are the delays its procedures cause for travelers standing in line at an airport's security checkpoint. Taking off belts and shoes, surrendering errant liquids and pulling laptops out of backpacks takes time, creating holdups and breeding general discontent among waiting passengers. Though there have been whispers that the TSA may let you keep your shoes on at some point in the future, for now, the TSA has tested out a new plan that it claimed would prevent long waits at the airport. 

Last August, the TSA announced that it would be testing Automated Wait Time (AWT) technology, which involves tapping into the signals put out by Bluetooth devices carried by people at the airport, and using those signals to record data on wait times. This data, the TSA explained would be used to "deploy resources, as appropriate, to reduce delays in checkpoint queues," namely by displaying estimated wait times on overhead monitors.

While reduced wait times sound great, the idea of letting an agency already under fire for privacy invasion tap into your cell phone, laptop or tablet is unsettling. While testing the technology at airports in Indianapolis and Las Vegas last year, the TSA sought to assuage privacy fears by hanging up signs reassuring passengers that all data would be encrypted and deleted within 2 hours. The signs also encouraged those who did not want to participate in the testing to turn off their Bluetooth signal.

The option to opt and the promise to delete data are comforting, but the technology still poses a privacy concern, especially considering the TSA's history of being loose with private information. In 2007, security blogger Christopher Soghoian found that the Traveler Identity Verification Program website, where persons could dispute their placement on the TSA's No Fly list, was being operated unsecured by a private company, exposing sensitive private information to identity theft. The AWT program, the TSA stated in a document addressing privacy concerns, was designed not to collect personally identifiable information. 

Like the Traveler Identity Verification Program website, the AWT technology was created by a private company. SITA, a large firm providing IT and telecom services to the air transport industry, proudly announced last April that the TSA had chosen it to provide the system behind the AWT initiative. As expected, SITA had nothing but good things to say about the program, unlike its critics, including Wiretapping the Internet author Julian Sanchez, who called it an "expensive and needlessly complicated way of estimating wait times compared with, say, a ticket agent writing the time at the front of the line."

Until the TSA comes up with something new to keep track of queues, writing down wait times is exactly what agents may have to do. For reasons unspecified, the AWT plan was shelved before it ever got off the ground.