February 26, 2007 By Gina M. Scott
According to a letter (PDF) sent by the committee to the TSA Assistant Secretary, Edmund Hawley, the Travel Verification Identity Program Web site section, where people dispute their presence on the "no-fly" list, "lacked basic measures to ensure the security and privacy of information submitted" when it was first launched. This site collected personal information such as Social Security numbers, dates of birth, hair and eye color. It is alleged that site lacked basic security measures, including a lack of encryption which could result in personal information being put at risk.
Representative Henry Waxman, Head of the Oversight Committee, stated in the letter that it was also thought that because of poor quality and errors, the site may have been an attempt at phishing. "In addition, security experts pointed out that the Web site text had numerous spelling errors and that the attached form did not have an OMB number, which all federal government forms are required to have."
The TSA has until March 9th to supply the proper documentation to the committee.
Photo Courtesy of CBP.
This Digital Communities white paper highlights discussions with IT officials in four counties that have adopted shared services models. Our aim was to learn about the obstacles these governments have faced when it comes to shared services and what it takes to overcome those roadblocks. We also spoke with several members of the IT industry who have thought long and hard about these issues. The paper offers some best practices for shared government-to-government services, but also points out challenges that government and industry still must overcome before this model gains widespread adoption.