The Purposes and Uses of Lists
Most Americans would agree that, in theory, terrorist watch lists serve an important role in protecting our national security. But the reality is that our current system is one plagued with fundamental problems that are actually hindering national security efforts. The watch list system must be substantially reformed if it is to enhance domestic security while upholding the American values of justice and liberty.
The current terrorist watch list system is a maze comprised of no fewer than twelve lists maintained by nine agencies. Since 2003, a central watch list known as the Terrorist Screening Database (TSDB) has been maintained under the auspices of the Federal Bureau of Investigation-linked Terrorist Screening Center (TSC). This consolidation attempts to integrate intelligence gathering efforts by various government agencies, although even after creation of the integrated TSC, individual agency lists have remained in use. Significantly, the consolidated database now receives data from the Terrorist Identities Datamart Environment (TIDE), a compilation of reports from the intelligence community around the world. According to a report last spring in the Washington Post, TIDE is “a vacuum cleaner for both proven and unproven information,” and overworked analysts at the TSC must sift through each nightly data dump to decide which names to add to the consolidated watch list. Karen DeYoung, Terror Database Has Quadrupled in Four Years , Wash. Post, Mar. 25, 2007, at A1.
Today, agency watch lists are employed by a variety of federal agents in a myriad of contexts, many of which go far beyond security. According to a recent report by the U.S. Government Accountability Office (GAO), as of May 2007, the consolidated watch list included approximately 755,000 records. GAO found that from the inception of the consolidated TSC watch list in December 2003 through May 2007, law enforcement agencies positively matched people to watch lists approximately 53,000 times. The use of watch lists has been most widely reported in the press in the context of the No Fly List used to screen airline passengers. The No Fly and Selectee Lists are maintained by the Transportation Security Administration (TSA) and contain names of people to be barred from flying or subjected to additional screening, respectively. The Department of Defense uses watch lists as part of its security clearance procedure in vetting candidates for employment and government contracts. As addressed in a recent report by the Lawyers’ Committee for Civil Rights of the San Francisco Bay Area, the Treasury Department publishes its Office of Foreign Assets Control watch list and encourages private businesses to screen applicants for everything from loans to employment using that lengthy list of names. The report notes that because the computerized programs that screen individuals may catch even partial name matches, a common first, last, or middle name can cause someone to be flagged, including such names as Alberto Gonzales and Paula Abdul. The use of such lists by inadequately trained agents of private corporations greatly increases the potential for misuse and abuse.
Documented Errors and the Need for Reform
Government reports have confirmed these types of problems and more. In June 2005, the U.S. Department of Justice’s Office of the Inspector General reported that its review of the TSC’s consolidated watch list found several common causes of error—including inconsistent record counts, duplicate records, and a lack of data fields and unclear sources for some records—and recommended extensive reforms. The procedures for adding names to lists vary widely among the nine separate frontline agencies, with predictable consequences. According to a 2006 GAO report, TSC data indicate that about half of the tens of thousands of potential matches sent to the center between December 2003 and January 2006 for further research turned out to be misidentifications.
Additionally, a June 2006 report issued by the U.S. Department of Homeland Security’s Inspector General found that frequent travelers with names similar to those in the TSDB are repeatedly subject to heightened screening, and there is no working system in place to allow such people to demonstrate they have already been cleared. The report notes that “the vast majority of false positive matches to the TSDB are repeat screenings of individuals that have been matched previously and at that time determined not to be the person watchlisted in the terrorist database.” U.S. Dep’t of Homeland Security, Office of Inspector General, Review of CBP Actions Taken to Intercept Suspected Terrorists at U.S. Ports of Entry at 3 (OIG-06-43 June 2006). A follow-up audit released by the Justice Department Inspector General in September 2007 found errors in 38 percent of the records subject to the TSC’s “routine quality assurance review” and concluded that the TSC’s quality assurance program “continues to lack important safeguards for ensuring data integrity.” U.S. Dep’t of Justice, Office of the Inspector General Audit Division, Follow-Up Audit of the Terrorist Screening Center at iii (Audit Report 07-41 Sept. 2007). Most recently, the GAO concluded in its October 2007 report that the federal government lacks a coordinated “governance structure with clear lines of responsibility and authority” that makes it “difficult for the federal government to monitor its efforts and to identify best practices or common corrective actions that could help to ensure that watch list records are used as effectively as possible.” Government Accountability Office, Terrorist Watch List Screening: Opportunities Exist to Enhance Management Oversight, Reduce Vulnerabilities in Agency Screening Processes, and Expand Use of the List at 52 (GAO-08-110) (Oct. 2007).
In response to criticism from these oversight agencies and the public, the government has taken some steps to improve the governance of its watch lists. In early 2007, the TSC and the TSA initiated a comprehensive review of the No Fly List, reducing the total number of names by approximately 50 percent. The agencies then proceeded to conduct a similar review of the Selectee List that requires enhanced screening of certain passengers. While such efforts are clearly important, a one-time review is grossly insufficient; the extraordinary percentage of names removed highlights the failings of the watch list nomination process more than it underscores the efficacy of the subsequent review.
The newly implemented Traveler Redress Inquiry Program (TRIP) has similarly failed to cure these problems. TRIP was designed to provide an expedited online means of checking the progress of inquiries regarding removal from a watch list. However, as a Department of Homeland Security spokes?person told the New York Times , the system has received 600 to 800 complaints a week “and it takes time to process them through all of the federal agencies who can contribute to the terrorism watch list.” Neil MacFarquhar, Borders Spell Trouble for Arab-American , N.Y. Times, Apr. 29, 2007. The bottom line? Overworked agency personnel struggle to sort through the mountains of data and complaints, leaving most targeted travelers exactly where they started.
Watch list errors are especially troubling because they affect our personal freedoms as well as our safety. It is important to recognize that two distinct dangers arise from “false positives” on government watch lists. First, mistaken targeting wastes limited government resources on the searching and tracking of innocent travelers. When the criteria for inclusion on a watch list are so broad as to include U.S. senators, children, and commercial airline pilots, the ability of TSA agents to target those passengers of actual concern is greatly diminished.
Second, as an April 2006 report by the Department of Homeland Security recognized, “individuals who are mistakenly put on watch lists or who are misidentified as being on these lists can potentially face consequences ranging from inconvenience and delay to loss of liberty.” U.S. Dep’t of Homeland Security, Privacy Office, Report Assessing the Impact of the Automatic Selectee and No Fly Lists on Privacy and Civil Liberties as Required under Section 4012(b) of the Intelligence Reform and Terrorism Prevention Act of 2004 at i (Apr. 27, 2006). For those persons listed erroneously, the costs range from minor inconvenience to serious damage to reputations to substantial invasions of privacy and limitation on freedom of action.
The Limitations of Current Law
Though influenced by a variety of constitutional doctrines and statutory parameters, watch list use has not yet been addressed by either Congress or the courts in a way that ensures the protection of both security interests and individual rights and liberties. American lawyers may at first believe the solution to the problem of watch list errors lies in procedural due process for listed people. However, many uses of watch lists, such as those requiring enhanced screenings at airports, may not impose a sufficient burden on persons to trigger a constitutional due process analysis. The Supreme Court held in Paul v. Davis, 424 U.S. 693 (1976), that the mere inclusion of an individual’s name on a potentially stigmatic list is not enough to implicate a “liberty interest” protected by due process. Furthermore, conventional due process proceedings, which depend on hearings to resolve individual disputes, are not independently sufficient given the aims of any watch list program. Moreover, notification to inform persons that they have been included on a watch list would compromise the national security interests that these lists were designed to serve.
As for statutory rights, the existing federal law that comes closest to requiring accuracy and fairness in government watch lists is the Privacy Act of 1974, 5 U.S.C. § 552a. Unfortunately, agencies maintaining and using watch lists have generally been able to exempt their watch list programs from the relevant provisions of that act. The head of any agency that maintains a watch list may promulgate a rule to exempt the list from the Privacy Act’s access and correction provisions if the record is properly classified or, under certain conditions, if it constitutes investigatory material compiled for law enforcement purposes.
Finding Real Solutions
Because no potentially applicable legal requirements—neither those of the Privacy Act nor of the Constitution’s Due Process Clause—provide adequate guidance for regulating their use, we must adopt new rules to promote fairness and accuracy in the use of government watch lists. To this end, the Constitution Project’s Liberty and Security Committee has issued a series of recommendations contained in a report entitled Promoting Accuracy and Fairness in the Use of Government Watch Lists. The recommendations, endorsed by a bipartisan group of policy experts, former government officials, and legal scholars, urge policymakers to strictly limit the situations in which watch lists may be used and suggest procedures both to improve the accuracy of watch lists and to establish a substantive system of redress for those persons wrongly included on such lists.
First and foremost, watch lists should not be used in contexts such as employment, where the burdens on individuals are substantial and the government can protect national security effectively through careful contemporaneous investigation. Watch lists are unnecessary in such instances and therefore the costs to civil liberties outweigh the potential security benefits. Watch lists should be used only in situations in which decisions must be made quickly and grave consequences would follow from a failure to screen out a listed person, such as the screening of passengers at airports.
For the limited situations in which watch lists are appropriate, the government should adopt procedures to improve the accuracy of the lists at the “front end”—the process by which a person is added to a list. With greater efforts to create lists that are accurate in the first place, there will be fewer complaints to process and fewer redress hearings to hold. Furthermore, creating reliable and accurate lists would permit agencies to focus government resources where they can be most productive—in investigating people reasonably suspected of terrorist or other criminal activity.
The Constitution Project’s recommendations include four specific front end reforms. First, the government should establish clear standards for the inclusion of a person’s name on a watch list. Second, agencies maintaining watch lists should follow a rigorous nominating process to ensure that the decision to include or exclude names is relatively uniform no matter who makes the nomination. Third, agencies should adopt internal monitoring programs to ensure the completeness, relevance, and accuracy of all records, including the complete, timely, and accurate correction of errors. Fourth, agencies should establish procedures to protect the security and accuracy of data sharing across agencies.
Yet even if such procedures are adopted to improve the accuracy of watch lists, we will still need to provide people with a fair opportunity at the back end to challenge their inclusion on such lists. A robust redress system would offer the public a mechanism for correcting erroneous listings, ensure government accountability, and restore confidence in watch list programs. Challenge procedures should be available both for cases of mistaken identity—where people claim they simply share a name with a person who was meant to be on the list—and for cases in which people seek to challenge the evidence that led to their inclusion on the list. The specific types of procedures that will be needed for such challenges will vary with the circumstances, including the nature of the complaint and the degree to which the government has already adopted procedures to improve accuracy at the front end. When formal hearings are needed, the issue of access to confidential records by private counsel could be handled by employing government attorneys who will have security clearances at a level adequate to review the material.
Watch lists must be employed accurately and fairly, both to provide effective security tools and to avoid undercutting the very values they are designed to protect. Liberty and security are not mutually exclusive; rather, they are mutually reinforcing . Fair and accurate use of watch lists can promote national security while protecting liberty.