Secure Flight Program

Layers of Security

LATEST NEWS!

Click here to read the Secure Flight Final Rule announced on October 22, 2008.
Click here to read the Secure Flight Press Release on the Final Rule
Privacy Documents
Redress Process - DHS TRIP
Testimonies
Helpful Links

Secure Flight Overview

Secure Flight is a program developed by the Department of Homeland Security (DHS) in response to a key 9/11 Commission recommendation: uniform watch list matching by TSA. The mission of the Secure Flight program is to enhance the security of domestic and international commercial air travel through the use of improved watch list matching.

Secure Flight will conduct uniform prescreening of passenger information against federal government watch lists for domestic and international flights. TSA will take over this responsibility from aircraft operators who, up until now, have been responsible for checking passengers against government watch lists. Secure Flight passenger watch list matching will apply to all domestic and international passengers traveling on covered aircraft operator flights into, out of, within or over the United States. Secure Flight will also apply to point-to-point international flights operated by U.S.-based aircraft operators.

The initial implementation phase of Secure Flight will result in the complete transfer of responsibility for passenger watch list matching to TSA from aircraft operators whose flights operate within the United States. The second phase of Secure Flight will result in the transfer of responsibility for passenger watch list matching to TSA for flights into, out of, and over the United States to TSA.

By assuming watch list matching responsibilities from the airlines, TSA will:

Decrease the chance for compromised watch list data by limiting its distribution
Provide earlier identification of potential matches, allowing for expedited notification of law enforcement and threat management
Provide a fair, equitable, and consistent matching process across all airlines
Reduce instances of misidentified individuals
Offer consistent application of an expedited and integrated redress process for misidentified individuals via the Department of Homeland Security's Travel Redress Inquiry Program (DHS TRIP)

How it Works

Secure Flight will match the name, date of birth and gender information for each passenger against government watch lists to:

Identify known and suspected terrorists
Prevent individuals on the No Fly List from boarding an aircraft
Identify individuals on the Selectee List for enhanced screening
Facilitate passenger air travel
Protect individuals' privacy

After matching passenger information against government watch lists, Secure Flight will transmit the matching results back to aircraft operators.

Passenger, Airlines, and Secure Flight workflow chart

TSA is not requiring individuals to provide other information such as passport information and known redress number (if available) to aircraft operators. However, covered aircraft operators must transmit such information to TSA if it is provided by the passenger. Providing the optional information is beneficial to passengers as it helps ensure they are not misidentified as a person on a watch list.

Secure Flight does NOT assign a score to individuals, use commercial data or predict behavior.

Privacy

Ensuring the privacy of individuals is a cornerstone of Secure Flight. TSA has developed a comprehensive privacy plan to incorporate privacy laws and practices into all areas of Secure Flight. The program has worked extensively to maximize individual privacy.

In addition to assuring compliance and re-enforcing the Secure Flight commitment to protecting privacy, Secure Flight has created an environment dedicated to guaranteeing a Secure Flight privacy mission that is front and center every day.

The Secure Flight Privacy Program includes:

Foundational Privacy Principles: Tenets that underpin and guide all Secure Flight behaviors, requirements, systems and processes;
Privacy Organization: Dedicated Privacy Officer and privacy staff, processes and procedures responsible for privacy compliance, assessing Secure Flight privacy risks and for developing and implementing plans to effectively manage those risks;
Privacy Policy: Secure Flight privacy policies, procedures, standards and rules of behavior and ways to adhere to them;
Systems Development and Security: Administrative, physical and technical safeguards that manage privacy risks throughout the lifecycle of the Secure Flight system;
Awareness and Training: Programs to make the Secure Flight organization and its stakeholders, including the traveling public and the airlines, aware of Secure Flight's privacy posture and practices;
Monitoring and Compliance: Programs to monitor adherence to statutory and regulatory privacy requirements and Secure Flight's privacy principles, policies, procedures, standards and rules of behavior;
Redress and Response: Systems and processes to respond, if needed, to privacy inquiries, issues and incidents; and
Privacy Risk Management: Tools and techniques to support Secure Flight privacy risk management.

Personal Information - TSA will collect the minimum amount of personal information necessary to conduct effective watch list matching. Furthermore, personal data will be collected, used, distributed, stored, and disposed of in accordance with stringent guidelines and all applicable privacy laws and regulations. Secure Flight has published an updated Privacy Impact Assessment (PIA) in conjunction with the Final Rule and System of Records Notice (SORN) published in the Federal Register, August 23, 2007 provide detailed information about the program's privacy approach.

TSA will not collect or use commercial data to conduct Secure Flight watch list matching.

TSA's Secure Flight Exemption Rule was published November 9, 2007, in the Federal Register. The Exemption Rule provides the public notice of TSA's decision to exempt the Secure Flight Records system (DHS/TSA 019) from several provisions of the Privacy Act of 1974, as well as the basis for the claimed exemptions. Additionally, the Exemption Rule provides a comprehensive response to public comments received for the Secure Flight Notice of Proposed Rule Making for Privacy Act Exemptions.

Secure Flight and APIS

Passenger, DHS Trip, and Secure Flight chart

In 2006, DHS directed CBP and TSA to align the pre-departure APIS and Secure Flight concepts and systems to provide "One DHS Solution" to the commercial aviation industry and the traveling public. Since then, CBP and TSA have worked together closely to align the two programs and plans for implementation.

During the first stage of implementation, the scope of Secure Flight will include only flights within the United States. Watch list matching for international flights will continue to be performed by the Advanced Passenger Information System (APIS), a program implemented by the U.S. Customs and Border Protection (CBP) or the aircraft operators. As Secure Flight begins implementation, TSA will continue to work with CBP to ensure consistency with APIS. CBP and TSA have coordinated their respective rulemaking processes to facilitate consistency across the APIS and Secure Flight programs.

Under the Secure Flight Final Rule, TSA will assume responsibility for watch list matching for both domestic and international passengers to promote consistency across airlines. TSA is working closely with CBP to align its testing process and to plan for the transition of watch list matching for international flights to TSA. Transitioning this function to TSA allows CBP to more effectively focus on its core mission of border enforcement and protection, while allowing TSA to more effectively fulfill its mission of ensuring aviation security.

Background

Section 4012(a) of the Intelligence Reform and Terrorism Prevention Act of 2004 (IRTPA) required DHS to assume from air carriers the comparison of passenger information to the Selectee and No Fly Lists and to utilize all appropriate records in the consolidated and integrated watch list that the Federal Government maintains. The final report of the National Commission on Terrorist Attacks Upon the United States (9/11 Commission Report) recommended that the watch list matching function "should be performed by TSA and it should utilize the larger set of watch lists maintained by the Federal Government."

Secure Flight published its Notice of Proposed Rule Making (NPRM) in conjunction with the release of the APIS Pre-Departure Final Rule in August 2007. From August 2007 through November 21, 2007, TSA accepted comments from the public and industry on the NPRM. The comment period for the Secure Flight NPRM closed on November 21, 2007. During preparation of the Final Rule, TSA tested the program and considered public comments on the Secure Flight NPRM. It took these comments into consideration while modifying and eventually issuing the Final Rule.

Consequently, TSA announced the final rule to implement the Secure Flight program on October 22, 2008. Under the program, TSA receives passenger and certain non-traveler information from aircraft operators. After conducting watch list matching, TSA will transmit boarding pass printing results based on watch list matching results back to aircraft operators.

Testimonies

Helpful Links

Read the Press Release
Secure Flight Final Rule
Advance Passenger Information System Pre-Departure Final Rule (PDF, 4.5 MB)
Secure Flight - Privacy Impact Assessment (PDF, 222 KB)
Secure Flight - System of Records Notice (PDF, 555 KB)
TSA Meets Secure Flight Milestone (9/9/08)
DHS Traveler Redress Inquiry Program (TRIP)
Airline Registration
Passenger Tips for Traveling

Download Plug-in
Some of the links on this page require a plug-in to view them, which are available below.

Adobe Acrobat (PDF)

WinZip