How the TSA Implements Redaction, New Software Solutions

How the TSA Implements Redaction, New Software Solutions

Who is the TSA?

The TSA is the Transportation Security Administration, which is a government agency that falls under the management of the Department of Homeland Security (DHS). The TSA has authority over security measures on public transportation. Though the agency does work with surface travel, it is primarily concerned with air travel. The agency was developed in response to the September 11 terrorist attacks that occurred against the United States.

The security agency was initiated to help better protect citizens. It covers the security of the nation, the planes, and the flyers. It works to decrease the amount of illicit transportation of drugs or stolen goods. All these are positive benefits of the TSA, though the added weight has pushed many to choose road travel over air travel to avoid such delays and intrusiveness.

Why Transportation Services Use Redaction

The TSA gathers a great deal of security information in airports from video surveillance systems. The cameras capture people while they are in parking lots, stepping out of cars that drop them at the gate, and even approaching the entrance. Once inside the airport, all individuals in the building are under constant surveillance. Airports also employ facial recognition software to keep criminals and other known terrorists from boarding planes under false identifications. Video is taken of your luggage contents as it is put through monitors and checked for restricted items.

For security reasons, airports store video data for an extended period before it is eventually destroyed. When the TSA and other security agents secure video footage on their computer systems, they must be prepared for a breach from unscrupulous hackers just like every business. This data must be protected and redacted before it is stored. Redaction is how the security video can be maintained for future needs while still protecting individuals’ privacy. Files are also encrypted for additional protection. The TSA uses redaction to get the most out of their surveillance systems and provide greater security while still respecting citizens’ privacy rights.

TSA Redaction Accountability

The TSA has policies and procedures to provide both safety and protect personally identifiable information (PII). The DHS and TSA both include PII under their term of Sensitive Security Information or SSI. According to the TSA’s document entitled The TSA SSI Program Office’s Identification and Redaction of Sensitive Security Information manual, “Protecting Sensitive Security Information (SSI), which can pose a risk to transportation security if released, must be balanced with ensuring transparency.” The document was prepared as part of a review to assure that the TSA SSI Program office properly reviews and redacts SSI.

Even with the policies and procedures in place, the TSA also has outside privacy professionals review to ensure that they are always doing the best job from both a security and privacy standpoint. The reviewing agency found that the TSA works diligently to follow all policies and procedures to redact video footage for SSI. They also found areas that could use improvement. Due to these types of reviews, the TSA is continuously striving to better its redaction program to meet the best standards available.

Video redaction in airports could include the removal or blurring of SSI. SSI could be individual faces, license plates, documents, laptop or cellphone screens, or any other piece of video that could include PII. To manually redact a few minutes of video to privacy standards could take hours of employee time. The work hours could overload the TSA program budget and lead to shoddy work or even mistakes made as employees work to handle such an impossible amount of video footage.

Automation is key to managing such a massive amount of video. Redaction software systems use artificial intelligence and smart algorithms to locate all PII within the video and remove them accurately. This automation speeds up, allowing the software to keep up with the massive amount of recorded video data that each airport and airline produces.

How much redaction is done to video data depends on the quantity of data, and the amount of SSI required to be removed or concealed. The TSA defines SSI as any information obtained or developed while managing security activities. It is data that, if disclosed, would either represent an unwarranted invasion of privacy, reveal trade secrets, or any privileged or confidential information obtained about any individual or person. It also includes any details that could be determined to be detrimental to transportation security. There are 16 specified categories of SSI that are directly related to TSA security. These would include the following:

The TSA SSI Program office reviews more than merely material submitted by TSA program offices. It also examines data from various Department of Homeland Security agencies, the Government Accountability Office (GAO), Congress, and other federal entities that review data for SSI’s redaction process and should not be disclosed publicly.

Security for Safety, Privacy for Individuals

The concept behind the TSA mission and the inclusion of redaction is security for safety and privacy for individuals. The agency was newly formed in November of 2001. Initially, it was placed within the United States Department of Transportation domain. Later in March of 2003, it was given additional responsibilities and moved to be under the Department of Homeland Security’s control. As with any new business or government agency, the TSA did face hiccups in its beginning. Citizens were outraged over the long lines and felt deeply invaded by the TSA workers in airports. Over time, this became a normalized part of air travel.

As TSA had taken on additional redaction responsibilities that included a variety of other departments and agencies, concern had arisen regarding the TSA’s abuse or misuse of data that included an SSI designation. An investigation was initiated by the House Committee on Oversight and Government Reform. The committee did criticize the TSA for possible misuse of data but praised the organization as it grew into itself for having made significant improvements to its redaction programs.

Flash forward to May 2016, the House Committee on Homeland Security requested that the Office of Inspector General review the TSA’s use of the SSI designation. The DHS Inspector had expressed concern that the TSA was abusing its authority and stewardship of reaching redaction programs. In the end, the reports show that the TSA continually updates and reviews policies and procedures for handling redaction so that it is consistently improving over time.

Both DHS and TSA have specific management directives that describe precisely how to handle sensitive data. The TSA is permitted to mark particular files containing SSI. Still, before any public release, it must first be forwarded to the TSA SSI Program office for review that appropriate redactions have taken place. The rules for the redaction process and the handling of SSI within the TSA are published in The SSI Policies and Procedures Handbook. The handbook covers rules and handling methods for SSI within all media types, including hard copies (paper), soft copies (electronic), magnetic, CD’s, DVD’s, video, and other types of media, both written and verbal.

All employees who handle SSI are cleared for their positions and agree to stringent rules and procedures to manage the data. The TSA works hard to protect SSI, the privacy of citizens, government officials, and others through its substantial redaction program; however, in the event of a national emergency, redaction processes can be temporarily suspended to handle only necessary threat information.

Automated Redaction Software

Automated redaction software, such as the type produced by CaseGuard, is required by such a wide-ranging agency that handles this significant amount of data. Through highly developed smart algorithms, artificial intelligence, and machine learning, CaseGuard automated redaction software takes tremendous amounts of data. It offers an accurate redaction process that can be done in a short amount of time. Manual redaction of just a few minutes of video data could take eight to ten hours of employee time. For airports, governments, and the TSA, to manually redact hundreds of thousands of video data hours would take an enormous workforce and a considerable price tag. The way to minimize costs and to cleanse far more accurately is through intelligent automation.

For software packages like CaseGuard, TSA employees do not have experience in video redaction. Its intuitive design and workflow management make it the perfect type of redaction software for such a large volume of data. Employees are easily trained on the software, and it can be used for all kinds of media. There is no longer a reason to have multiple software types to train employees specifically to handle other data types. CaseGuard handles redaction for audio, video, or any kind of document. This allows for entire departments to be on the same page and consistent in their use of redacting SSI.

For the immense amount of video data produced at airports or other government security agencies, accuracy is required. CaseGuard’s automatic redaction algorithms improve the more it is used through machine learning. The software can be directed to identify specific data points such as license plates, faces, documents, or computer screens, and redact these details automatically. In airports, individuals and workers are always on the move. CaseGuard’s system also can track an object as it moves and edits the necessary details automatically, saving thousands of working hours and the budget.

The package even allows for the enhancement of footage so that the smallest details are captured and redacted as required. For the TSA, redaction is a large part of their job description. Video surveillance is used to keep passengers and American citizens safe, and their redaction procedures keep your private details, personally identifiable information, and other security threats secure from disclosure. Automated redaction makes it happen.

Related Reads