(a)
(b)
(1)
(2)
(3)
(A) ensure that the records maintained under this subsection contain information determined by the Secretary to authenticate the identity of such a passenger or individual;
(B) furnish to the Transportation Security Administration, United States Customs and Border Protection, or any other appropriate office or component of the Department, upon request, such information as may be necessary to allow such office or component to assist air carriers in improving their administration of the advanced passenger prescreening system and reduce the number of false positives; and
(C) require air carriers and foreign air carriers take action to identify passengers determined, under the process established under subsection (a), to have been wrongly identified.
(4)
(A) require that Federal employees of the Department handling personally identifiable information of passengers (in this paragraph referred to as "PII") complete mandatory privacy and security training prior to being authorized to handle PII;
(B) ensure that the records maintained under this subsection are secured by encryption, one-way hashing, other data anonymization techniques, or such other equivalent security technical protections as the Secretary determines necessary;
(C) limit the information collected from misidentified passengers or other individuals to the minimum amount necessary to resolve a redress request;
(D) require that the data generated under this subsection shall be shared or transferred via a secure data network, that has been audited to ensure that the anti-hacking and other security related software functions properly and is updated as necessary;
(E) ensure that any employee of the Department receiving the data contained within the records handles the information in accordance with the section 552a of title 5, United States Code, and the Federal Information Security Management Act of 2002 (Public Law 107–296);
(F) only retain the data for as long as needed to assist the individual traveler in the redress process; and
(G) conduct and publish a privacy impact assessment of the process described within this subsection and transmit the assessment to the Committee on Homeland Security of the House of Representatives, the Committee on Commerce, Science, and Transportation of the Senate, and Committee on Homeland Security and Governmental Affairs of the Senate.
(5)
(Added Pub. L. 110–53, title XVI, §1606(a), Aug. 3, 2007, 121 Stat. 482.)
Sections: Previous 44919 44920 44921 44922 44923 44924 44925 44926 44927 44933 44934 44935 44936 44937 44938 Next
Last modified: October 26, 2015