Automated Targeting System
The Automated Targeting System or ATS is a United States Department of Homeland Security computerized system that, for every person who crosses U.S. borders, scrutinizes a large volume of data related to that person, and then automatically assigns a rating for which the expectation is that it helps gauge whether this person may be placed within a risk group of terrorists or other criminals. Similarly ATS analyzes data related to container cargo.
These ratings take many details into account, such as country of origin, how travel to the U.S. was funded, and the visitor's driving record. Other more mundane details also factor in, such as where the person is sitting on the flight and what they ordered for their meal.
The existence of such a system was first discovered by the public in November 2006, when a mention of it appeared in the Federal Register. The system was first implemented in the late 1990s, and was significantly expanded shortly after the 9/11 Terrorist Attacks.
Exemption from Privacy Act
Following the controversial Passenger Name Record agreement signed with the European Union in 2007, the Bush administration proposed to exempt the Automated Targeting System from the requirements of the 1974 Privacy Act for access to records and for an accounting of disclosures. Those proposed exemptions were finalized on February 3, 2010.Litigation
Lawsuits have been filed under both the Privacy Act and the Freedom of Information Act seeking disclosure of information about ATS as well as records from ATS dossiers about individuals.EFF v. Department of Homeland Security
On December 19, 2006, the Electronic Frontier Foundation's FOIA Litigation for Accountable Government project filed suit against the Department of Homeland Security under FOIA, demanding "immediate answers about an invasive and unprecedented data-mining system deployed on American travelers."
Shearson v. Department of Homeland Security
In June 2006, Julia Shearson, Executive Director of the Cleveland Chapter of the Council on American Islamic Relations filed suit pro se against the DHS under the Privacy Act, seeking disclosure of records about herself from ATS and the correction of erroneous records falsely characterizing her as a terrorist.
In 't Veld v. Department of Homeland Security
On July 1, 2008, the EFF FLAG project filed suit against the DHS under FOIA on behalf of Sophie In 't Veld, a Member of the European Parliament from the Netherlands, seeking disclosure of records about herself from ATS and other systems of records.
Hasbrouck v. U.S. Customs and Border Protection
On August 25, 2010, Edward Hasbrouck of the Identity Project filed suit against CBP under the Privacy Act and FOIA, seeking disclosure of records about himself from ATS, information about how ATS records are retrieved, and records related to the processing of his previous Privacy Act requests and appeals for ATS records. Mr. Hasb rouck was represented by the First Amendment Project.
Gellman v. Department of Homeland Security et al.
On April 4, 2016, Pulitzer Prize-winning journalist Barton Gellman filed suit against DHS and other Federal agencies under the Privacy Act and FOIA, seeking disclosure of records about himself including "ticket and flight information, Passenger Name Records, records pertaining to inspections... any other data collected and/or stored by ATS-P." Mr. Gellman was represented by the Reporters Committee for Freedom of the Press.
Opposition
Organizations and security experts have expressed opposition to the system, citing concerns about reliability and undue scrutiny.The American Civil Liberties Union had similar concerns:
"Never before in American history has our government gotten into the business of creating mass 'risk assessment' ratings of its own citizens," said Barry Steinhardt, Director of the ACLU's Technology and Liberty Project. "That is a radical new step with far-reaching implications – but one that has been taken almost thoughtlessly by expanding a cargo-tracking system to incorporate human beings, and with little public notice, discussion, or debate."
The Association of Corporate Travel Executives requested an immediate suspension of the program, stating:
While ATS is undoubtedly raising red flags among privacy advocates and other groups that question the legality and intent of such programs, ACTE is primarily concerned with the economic impact this initiative will have on the business travel community. Delays, missed flights, canceled meetings, and potential arrests will generate staggering costs. In an ACTE survey dating to 2004, 97 percent of respondents stated that programs like this will have a negative impact on travel. This could very will be the impetus for businesses to fully explore alternatives to travel.
Bruce Schneier, noted security specialist and writer, wrote about ATS:
There is something un-American about a government program that uses secret criteria to collect dossiers on innocent people and shares that information with various agencies, all without any oversight. It's the sort of thing you'd expect from the former Soviet Union or East Germany or China. And it doesn't make us any safer from terrorism.
The Electronic Frontier Foundation expressed their concerns:
The Automated Targeting System will create and assign "risk assessments" to tens of millions of citizens as they enter and leave the country. Individuals will have no way to access information about their "risk assessment" scores or to correct any false information about them. But once the assessment is made, the government will retain the information for 40 years -- as well as make it available to untold numbers of federal, state, local, and foreign agencies in addition to contractors, grantees, consultants, and others.
The Identity Project filed a series of formal comments objecting to the ATS:
The Identity Project has filed comments with the DHS, objecting to this proposal. Among other things, we’ve pointed out that Congress has expressly forbidden the DHS from spending a penny on any system like this to assign risk scores to airline passengers, and that the Privacy Act forbids any Federal agency form collecting information about how we exercise rights protected by the First Amendment — like our right to travel — except as expressly directed by Congress.