According to a letter (PDF) sent by the committee to the TSA Assistant Secretary, Edmund Hawley, the Travel Verification Identity Program Web site section, where people dispute their presence on the "no-fly" list, "lacked basic measures to ensure the security and privacy of information submitted" when it was first launched. This site collected personal information such as Social Security numbers, dates of birth, hair and eye color. It is alleged that site lacked basic security measures, including a lack of encryption which could result in personal information being put at risk.
Representative Henry Waxman, Head of the Oversight Committee, stated in the letter that it was also thought that because of poor quality and errors, the site may have been an attempt at phishing. "In addition, security experts pointed out that the Web site text had numerous spelling errors and that the attached form did not have an OMB number, which all federal government forms are required to have."
The TSA has until March 9th to supply the proper documentation to the committee.
Photo Courtesy of CBP.