b"<html>\n<title> - TSA'S RECENT SCANNER SHUFFLE: REAL STRATEGY OR WASTEFUL SMOKESCREEN?</title>\n<body><pre>[House Hearing, 112 Congress]\n[From the U.S. Government Publishing Office]\n\n\n\n \n  TSA'S RECENT SCANNER SHUFFLE: REAL STRATEGY OR WASTEFUL SMOKESCREEN? \n\n=======================================================================\n\n                                HEARING\n\n                               before the\n\n                SUBCOMMITTEE ON TRANSPORTATION SECURITY\n\n                                 of the\n\n                     COMMITTEE ON HOMELAND SECURITY\n                        HOUSE OF REPRESENTATIVES\n\n                      ONE HUNDRED TWELFTH CONGRESS\n\n                             SECOND SESSION\n\n                               __________\n\n                           NOVEMBER 15, 2012\n\n                               __________\n\n                           Serial No. 112-121\n\n                               __________\n\n       Printed for the use of the Committee on Homeland Security\n                                     \n\n                  [GRAPHIC(S) NOT AVAILABLE IN TIFF FORMAT]\n                                     \n\n      Available via the World Wide Web: http://www.gpo.gov/fdsys/\n\n                               __________\n\n                         U.S. GOVERNMENT PRINTING OFFICE \n\n81-130 PDF                       WASHINGTON : 2013 \n\nFor sale by the Superintendent of Documents, U.S. Government Printing \nOffice Internet: bookstore.gpo.gov Phone: toll free (866) 512-1800; \nDC area (202) 512-1800 Fax: (202) 512-2104 Mail: Stop IDCC, \nWashington, DC 20402-0001 \n\n\n\n                     COMMITTEE ON HOMELAND SECURITY\n\n                   Peter T. King, New York, Chairman\nLamar Smith, Texas                   Bennie G. Thompson, Mississippi\nDaniel E. Lungren, California        Loretta Sanchez, California\nMike Rogers, Alabama                 Sheila Jackson Lee, Texas\nMichael T. McCaul, Texas             Henry Cuellar, Texas\nGus M. Bilirakis, Florida            Yvette D. Clarke, New York\nPaul C. Broun, Georgia               Laura Richardson, California\nCandice S. Miller, Michigan          Danny K. Davis, Illinois\nTim Walberg, Michigan                Brian Higgins, New York\nChip Cravaack, Minnesota             Cedric L. Richmond, Louisiana\nJoe Walsh, Illinois                  Hansen Clarke, Michigan\nPatrick Meehan, Pennsylvania         William R. Keating, Massachusetts\nBen Quayle, Arizona                  Kathleen C. Hochul, New York\nScott Rigell, Virginia               Janice Hahn, California\nBilly Long, Missouri                 Ron Barber, Arizona\nJeff Duncan, South Carolina\nTom Marino, Pennsylvania\nBlake Farenthold, Texas\nRobert L. Turner, New York\n            Michael J. Russell, Staff Director/Chief Counsel\n               Kerry Ann Watkins, Senior Policy Director\n                    Michael S. Twinchek, Chief Clerk\n                I. Lanier Avant, Minority Staff Director\n                                 ------                                \n\n                SUBCOMMITTEE ON TRANSPORTATION SECURITY\n\n                     Mike Rogers, Alabama, Chairman\nDaniel E. Lungren, California        Sheila Jackson Lee, Texas\nTim Walberg, Michigan                Danny K. Davis, Illinois\nChip Cravaack, Minnesota             Cedric L. Richmond, Louisiana\nJoe Walsh, Illinois, Vice Chair      Ron Barber, Arizona\nRobert L. Turner, New York           Bennie G. Thompson, Mississippi \nPeter T. King, New York (Ex              (Ex Officio)\n    Officio)\n                     Amanda Parikh, Staff Director\n                   Natalie Nixon, Deputy Chief Clerk\n                 Vacant, Minority Subcommittee Director\n\n\n                            C O N T E N T S\n\n                              ----------                              \n                                                                   Page\n\n                               Statements\n\nThe Honorable Mike Rogers, a Representative in Congress From the \n  State of Alabama, and Chairman, Subcommittee on Transportation \n  Security.......................................................     1\nThe Honorable Danny K. Davis, a Representative in Congress From \n  the State of Illinois..........................................     3\n\n                               Witnesses\n\nMr. Jonathan R. Cantor, Acting Chief Privacy Officer, U.S. \n  Department of Homeland Security:\n  Oral Statement.................................................     3\n  Joint Prepared Statement.......................................     5\nMr. John Sanders, Assistant Administrator, Office of Security \n  Capabilities, Transportation Security Administration:\n  Oral Statement.................................................     7\n  Joint Prepared Statement.......................................     5\n\n                             For the Record\n\nThe Honorable Mike Rogers, a Representative in Congress From the \n  State of Alabama, and Chairman, Subcommittee on Transportation \n  Security:\n  Letter From Chairman Mike Rogers to Hon. John S. Pistole.......     2\nThe Honorable Danny K. Davis, a Representative in Congress From \n  the State of Illinois:\n  Joint Statement of Marc Rotenberg, President, EPIC; Ginger P. \n    McCall, Director, EPIC Open Government Project; and Jeramie \n    Scott, EPIC National Security Fellow.........................    10\n\n\n  TSA'S RECENT SCANNER SHUFFLE: REAL STRATEGY OR WASTEFUL SMOKESCREEN?\n\n                              ----------                              \n\n\n                      Thursday, November 15, 2012\n\n             U.S. House of Representatives,\n           Subcommittee on Transportation Security,\n                            Committee on Homeland Security,\n                                                    Washington, DC.\n    The subcommittee met, pursuant to call, at 10 a.m., in Room \n311, Cannon House Office Building, Hon. Mike Rogers [Chairman \nof the subcommittee] presiding.\n    Present: Representatives Rogers and Davis.\n    Also present: Representatives Walberg and Richmond.\n    Mr. Rogers. The Committee on Homeland Security, \nSubcommittee on Transportation Security will come to order. \nThis committee meeting today is to discuss TSA's use of \nbackscatter AIT machines, and I would like to take this \nopportunity to welcome our witnesses, thank them for taking the \ntime to prepare for this hearing and being here with us today. \nI really appreciate it.\n    Are you all getting feedback? It sounds like this \nmicrophone is being strange.\n    All right, thank you.\n    Three weeks ago TSA notified the public it was removing \nbackscatter AIT machines from several large airports and \nreplacing them with millimeter wave AIT machines. TSA initially \nsaid it would deploy these backscatter machines to smaller \nairports; however, TSA could not produce a list of small \nairports when prompted by the subcommittee. That is because the \nmachines won't be going to smaller airports any time soon. \nInstead, TSA is moving those 91 backscatter machines worth $14 \nmillion of taxpayer money to its storage warehouse in Texas. \nAccording to TSA, this is because the testing of backscatter \nprivacy software suddenly failed, and smaller airports don't \nhave enough space to support the backscatter machines without \nprivacy software.\n    At this time I would like to insert a letter for the \nhearing record that I sent to Administrator Pistole yesterday \nexpressing concerns about the recent allegations of contractor \nmalfeasance that may have led to the failed test that put us in \nthis situation. Without objection, it is so ordered.\n    [The information follows:]\n        Letter From Chairman Mike Rogers to Hon. John S. Pistole\n                                 November 13, 2012.\nHonorable John S. Pistole,\nAdministrator, Transportation Security Administration, 601 South 12th \n        Street, Arlington, VA 20598.\n    Dear Administrator Pistole: I am deeply troubled by recent \nallegations of contractor malfeasance as it relates to the \nTransportation Security Administration's (TSA) use of backscatter \nAdvanced Imaging Technology (AIT). According to information received by \nthe subcommittee, it appears the manufacturer of backscatter AIT \nmachines may have attempted to defraud the Government by knowingly \nmanipulating an operational test of Automated Target Recognition (ATR) \nsoftware in the field in order to have a successful outcome. In \naddition to these concerning allegations, I am extremely disturbed by \nTSA's apparent lack of oversight throughout the testing and evaluation \nof this technology.\n    I fully expect to discuss this situation at our previously \nscheduled subcommittee hearing on November 15, 2012, entitled: ``TSA's \nRecent Scanner Shuffle: Real Strategy or Wasteful Smokescreen?'' As \nsuch, please ensure that John Sanders, who will testify on behalf of \nyour agency, is prepared to answer the following questions:\n    1. When did TSA first discover that the contractor might have \n        manipulated an operational test?\n    2. What impact, if any, could the contractor's actions have on \n        aviation security?\n    3. What actions has TSA taken to deal with the potential \n        manipulation of an operational test?\n    4. What level of oversight does TSA provide during the testing \n        process?\n    5. Who was responsible for conducting the operational test and \n        certifying its success?\n    6. At the time TSA decided to move 91 backscatter AIT machines from \n        large airports to small airports, when did the agency believe \n        ATR software would be ready to install on those machines?\n    7. How long will those 91 backscatter AIT machines sit in storage?\n    8. Do you plan to remove the remaining backscatter AIT machines \n        from the field? If so, when?\n    Thank you for your prompt and personal attention to this matter. I \nappreciate your continuing efforts to secure the Nation's \ntransportation systems.\n            Sincerely,\n                                               Mike Rogers,\n                 Chairman, Subcommittee on Transportation Security.\n\n    Mr. Rogers. I hope we can get some answers today on this \nextremely disturbing situation.\n    Now, the reality is that TSA is squeezing backscatter \nmachines into its warehouse next to useless puffer machines \nthat we are all too familiar with. Perhaps the backscatter \nmachines will be put to good use eventually, but that is the \npoint: We just don't know.\n    In the mean time the subcommittee has some serious \nquestions: How did the testing of privacy software for \nbackscatter go so wrong? What level of oversight did TSA \nprovide during the testing process? Why did TSA move \nbackscatter machines out of the big airports before knowing \nwhich smaller airports to put them in? When will ATR be ready \nto install on backscatter?\n    Congress mandated that this software be installed by June. \nIn addition, TSA still has not complied with the D.C. circuit \ncourt ruling to allow for public comment on the AIT, nor has \nthe agency agreed to sponsor an independent third-party \nevaluation of the AIT's health effects, despite bipartisan \nconsensus that an independent study would be beneficial. To me, \nit appears we not only are having a technology problem, but a \nsignificant transparency problem on our hands.\n    Today I hope we can get a logical answer to some basic \nquestions about AIT and its future. I also look forward to \ngetting a better understanding of the coordination that exists \nbetween DHS and TSA when it comes to assessing passenger \nprivacy issues up front to avoid these types of costly, \nconvoluted situations where we shuffle machines around and then \nstick them in a warehouse.\n    With that, I now recognize the Ranking Member of the \nsubcommittee, the gentleman from Illinois Mr. Davis, for his \nopening statement he may have.\n    Mr. Davis. Thank you very much, Mr. Chairman, and I want to \nthank our witnesses for being with us this morning.\n    The subcommittee has closely followed advanced imaging \ntechnology for several Congresses under both Democratic and \nRepublican leadership. On this side of the aisle, my colleagues \nhave questioned both the effectiveness of the technology and \nthe cost of the machines. I have a few issues that cause us as \nmuch concern as to whether these machines undermine the \nfundamental right of privacy. It is gratifying to see that the \nChairman shares both our concerns and our commitment to \nprivacy.\n    On March 17, 2009, under the leadership of Congresswoman \nJackson Lee, this subcommittee held a hearing evaluating the \ndetection and screening technologies being used by the \nDepartment of Homeland Security. That hearing offered Members a \nchance to understand the enhanced screening technologies, \nprotocols, and procedures. In the aftermath of the Christmas \nday bomber, also known as the underwear bomber, we expressed \nour support for the deployment of these advanced imaging \ntechnologies and were assured that these new machines would \neffectively diminish the threats that continue to put aviation \nsecurity at risk.\n    Since 2009, DHS and TSA have taken steps to implement the \nAIT devices in most of the major airports in the United States. \nHowever, we know that no technology is perfect. Based on a \nconservative estimate, it appears that the Department has \ninvested at least $80 million on this technology so far. Given \nthe challenges that TSA faced in assuring privacy protections \nin these machines, and the forward movement of technology, we \nmust consider where we go from here.\n    So again, I want to thank our witnesses for being here, and \nI want to thank you, Mr. Chairman, and look forward to the \nhearing.\n    Mr. Rogers. I thank the gentleman.\n    We are pleased to have several distinguished witnesses with \nus today on this important topic. Let me remind the witnesses \nthat their entire written statements will appear in the record. \nOur first witness, Mr. Jonathan Cantor, currently serves as \nacting chief privacy officer to the Department of Homeland \nSecurity, a position he assumed in August 2012. Mr. Cantor \npreviously served as a senior policy official at both the \nDepartment of Commerce, and the Social Security Administration.\n    The Chairman now recognizes Mr. Cantor for his opening \nstatement.\n\nSTATEMENT OF JONATHAN R. CANTOR, ACTING CHIEF PRIVACY OFFICER, \n              U.S. DEPARTMENT OF HOMELAND SECURITY\n\n    Mr. Cantor. Good morning, Chairman Rogers, and thank you. \nThank you, Ranking Member Davis and distinguished Members of \nthe subcommittee. Thank you for the opportunity today to \ntestify about advanced imaging technology, or AIT.\n    As you know, the Department of Homeland Security is the \nfirst department in the Federal Government to have a \nstatutorily mandated privacy officer. I joined the Department \nin July of this year as deputy chief privacy officer, and I \npreviously served as the chief privacy officer for the \nDepartment of Commerce and in an equivalent position at the \nSocial Security Administration. I have had the pleasure of \nserving as acting chief privacy officer since the departure of \nmy predecessor Mary Ellen Callahan in early August.\n    The mission of the DHS Privacy Office is to protect the \nprivacy of individuals and their personal information by \nembedding and enforcing privacy protections and transparency \nthroughout the Department. The Privacy Office works to achieve \nthis mission by fostering a culture of privacy and \ntransparency; demonstrating leadership through policy and \npartnerships; providing outreach, education, training, and \nreports; conducting robust oversight and compliance reviews; \nand ensuring that DHS complies with Federal privacy, \nconfidentiality, and disclosure laws, policies, and principles.\n    The Privacy Office works with the Department's robust \nnetwork of component privacy officers to ensure that Department \nactivities incorporate privacy from the earliest stages of \nsystem and program development. Component privacy officers \nprovide operational insight, support, and privacy expertise for \ncomponent activities that require privacy compliance \ndocumentation.\n    The privacy impact assessment, or PIA, is a public document \nin the privacy compliance process that serves as a decision-\nmaking tool to identify and mitigate privacy risks. The PIA \nuses the Fair Information Practice Principles to assess and \nmitigate impacts on an individual's privacy. It also helps the \npublic understand what information the Department is \ncollecting, the purpose for collection, and how DHS will use, \nshare, access, and store the information.\n    The DHS Privacy Office works collaboratively with TSA to \ndevelop the Department's PIA on AIT screening. DHS published \nits original PIA in January 2008 to cover AIT screening of \npassengers at the checkpoint and has subsequently updated it \nthree times to address improvements in technology.\n    Prior to initial deployment, DHS instituted several \nsafeguards to protect the privacy of individuals who are \nscreened using AIT. These measures included providing signage \nat all AIT locations to inform the passenger of what the \nscanned image looked like and of their option to decline AIT \nscreening in favor of a physical screening.\n    DHS also instituted robust privacy protections for handling \nAIT images. Privacy protections in places where automated \ntarget recognition, or ATR, is not yet available include \nfilters to make AIT images not personally identifiable, and \nofficer review of the image in a remote location to preserve \npassenger anonymity. These steps ensure that the passenger and \nother travelers cannot see the image, and the officer viewing \nthe image cannot see the passenger. Once an officer clears an \nindividual, the image is not stored in the system and is no \nlonger viewable.\n    ATR software upgrades enhance passenger privacy by \neliminating passenger-specific images. Machines upgraded with \nATR software generate a generic outline that is displayed on \nthe screen located on the AIT machine and viewable by the \npublic. ATR-enabled units are not capable of storing or \nprinting the generic image produced during screening.\n    It is important to note that both with backscatter and \nmillimeter wave machines, a passenger may always decline the \nAIT scan and receive a pat-down as an alternative.\n    To provide additional awareness of the privacy protection \nDHS implements for AIT, the DHS Privacy Office, in \ncollaboration with TSA, has engaged with the public through \nmultiple methods. We briefed the Department's Data Privacy and \nIntegrity Advisory Committee on AIT and provided a site visit \nthat included demonstration of AIT technology. We provided a \nsimilar demonstration of AIT at a TSA test facility for members \nof the privacy advocacy community. In addition, my predecessor \nhosted quarterly roundtable meetings with privacy advocates to \ndiscuss AIT and other timely topics.\n    For the 3 months that I have served as acting chief privacy \nofficer, my office has continued to embed privacy protections \nthroughout the Department. I am happy to answer any questions \nyou may have.\n    [The joint prepared statement of Mr. Cantor and Mr. Sanders \nfollows:]\n    Joint Prepared Statement of Jonathan R. Cantor and John Sanders\n                           November 15, 2012\n    Good morning Chairman Rogers, Ranking Member Jackson Lee, and \ndistinguished Members of the subcommittee. Thank you for the \nopportunity to testify today about Advanced Imaging Technology (AIT).\n    As we have often stated, the Transportation Security Administration \n(TSA) screens approximately 1.8 million people who travel each day \nthrough 450 U.S. airports. We employ risk-based, intelligence-driven \noperations to prevent terrorist attacks and to reduce the vulnerability \nof the Nation's transportation system to terrorism. The TSA workforce \nis vigilant in ensuring the security of passengers that travel through \nour Nation's vast transportation networks. We continue to evolve our \nsecurity approach by examining the procedures and technologies we use, \nhow we carry out specific security procedures, and how we conduct \nscreening.\n           using the best technology at our nation's airports\n    History shows that the threat to our transportation networks \ncontinues to evolve, as demonstrated by devices used by the underwear \nbomber on Christmas day 2009 and the improved underwear bomb device \ndiscovered in the disrupted plot this past May. TSA works in \npartnership with private industry to develop and deploy innovative and \neffective screening technologies across the Nation's transportation \nsystem. For example, TSA and private industry's collaboration to deploy \nAIT units has resulted in Transportation Security Officers having the \nbest technology available to detect both metallic and non-metallic \nthreats.\n    TSA deploys two types of AIT: Millimeter wave and general-use \nbackscatter X-ray. Currently, there are AIT units in use at 200 U.S. \nairports. TSA has installed automated target recognition (ATR) software \non all currently deployed millimeter wave imaging technology units and \nhas tested similar software for use on its general-use backscatter \nunits. ATR software upgrades enhance passenger privacy by eliminating \npassenger-specific images. ATR also improves throughput capabilities by \nincreasing the efficiency of the checkpoint screening technology. \nMachines upgraded with ATR software generate a generic outline that is \ndisplayed on a screen located on the AIT machine and viewable by the \npublic. The software auto-detects anomalies concealed on the body that \nare then resolved through additional screening.\n    ATR-enabled units deployed at airports are not capable of storing \nor printing the generic image produced during screening and don't \nproduce a unique image for each individual. It is important to note \nthat a passenger may always decline to be scanned by AIT and will \nreceive a pat-down as an alternative.\n    While significant progress has been made, our AIT general-use \nbackscatter technology vendor has faced challenges in developing and \nrefining its ATR software, thus leading to additional lab testing and \nextensions in certifying and deploying its ATR software. In September \n2012, contract awards were made to three vendors for the purchase and \ntesting of next generation AIT units. TSA anticipates that next \ngeneration AIT units will have enhanced detection capabilities and a \nsmaller footprint, enabling faster passenger throughput; all next \ngeneration AIT units will have ATR software. Based on analysis of \nprocessing time, size of the units, passenger throughput, staffing \nrequirements, and AIT allocations, TSA has begun to install ATR-\nequipped millimeter wave AIT units at several airports that had \npreviously been equipped with general-use backscatter AIT units.\n                      protecting passenger privacy\n    The Department of Homeland Security (DHS) is committed to \nprotecting the privacy of all individuals by embedding and enforcing \nprivacy safeguards and transparency in all DHS activities. The \nDepartment's network of Component Privacy Officers work with the DHS \nPrivacy Office to ensure Department activities and incorporate privacy \nfrom the earliest stages of system and program development. DHS \nsystems, initiatives, and programs are subject to a rigorous privacy \ncompliance process, and undergo periodic reviews to ensure continued \ncompliance. The DHS Privacy Office works closely with Component Privacy \nOfficers, who provide operational insight, support, and privacy \nexpertise for component activities that require privacy compliance \ndocumentation.\n    The Privacy Impact Assessment (PIA) is a key document in the \nprivacy compliance process and serves as a decision-making tool to \nidentify and mitigate privacy risks throughout the development life \ncycle of a program or system. Using the Fair Information Practice \nPrinciples to assess and mitigate impacts on an individual's privacy, \nthe PIA helps the public understand what information the Department is \ncollecting; the purpose for collection; and how DHS will use, share, \naccess, and store the information.\n    TSA worked collaboratively with the DHS Privacy Office in \ndeveloping its PIA on AIT screening. TSA published its original PIA in \nJanuary 2008 to cover AIT screening of passengers at the checkpoint, \nand has subsequently updated it three times to address improvements in \nthe technology. The PIA provides transparency into the Department's \noperations and privacy protections related to AIT.\n    As described in its 2008 PIA (http://www.dhs.gov/xlibrary/assets/\nprivacy/privacy-pia-tsa-wbi-jan2008.pdf), TSA instituted several \nsafeguards prior to initial deployment to protect the privacy of \nindividuals who are screened using AIT. TSA implemented a variety of \nmeasures, both technical and operational, to integrate and incorporate \nprivacy considerations from the start, including providing signage at \nall AIT locations to inform the passenger of what the scanned image \nlooked like and of their option to decline AIT screening in favor of \nphysical screening.\n    TSA also instituted robust privacy protections for handling AIT \nimages. Privacy protections in place where ATR is not yet available \ninclude filters to make AIT images not personally identifiable and \nofficer review of the image in a remote location to preserve passenger \nanonymity. Images are transmitted securely between the unit and the \nviewing room to prevent them from being lost, modified, or disclosed. \nIn short, the passenger and other travelers cannot see the image, and \nthe officer viewing the image cannot see the passenger. Once an officer \nclears an individual, the image is no longer viewable or stored in the \nsystem. ATR-enabled units are not capable of storing or printing the \ngeneric image produced during screening. Both types of AITs transmit \nthe images securely--the general-use backscatter units encrypt images \nduring transmission, whereas the millimeter wave units transmit images \nin a proprietary format viewable only with proprietary equipment.\n    To provide additional public awareness of the privacy protections \nDHS implements for AIT, the DHS Chief Privacy Officer and TSA Privacy \nOfficer have regularly communicated with privacy advocates and the Data \nPrivacy and Integrity Advisory Committee regarding AIT. In addition, in \nFebruary 2010, TSA submitted a Report to Congress on privacy \nprotections and deployment of AIT entitled ``Advanced Imaging \nTechnologies: Passenger Privacy Protections.''\n              meeting national health and safety standards\n    TSA places a premium on the safety of the traveling public. Both \ntypes of AITs have been evaluated and found to meet all applicable \nNational health and safety standards, including those published by the \nInstitute of Electrical and Electronics Engineers for millimeter wave \nsystems, and those published by the American National Standards \nInstitute/Health Physics Society and the National Council on Radiation \nProtection and Measurements (NCRP) for general-use backscatter X-ray \nsystems. In addition, the ATR software upgrade has no effect on the \nradiation emissions from AITs.\n    Each TSA general-use backscatter X-ray AIT system undergoes a \nradiation survey upon initial installation at an airport and every 6 \nmonths thereafter to ensure it stays in top working condition. TSA also \nperforms radiation surveys after maintenance on components that affect \nradiation safety and at the request of employees. These surveys and \nperiodic maintenance activities ensure the equipment operates properly \nand meets all emission limits, thus providing a high level of \nconfidence in the safety of the equipment.\n    Testing by independent entities, including the Johns Hopkins \nUniversity Applied Physics Laboratory, the Food and Drug \nAdministration's Center for Devices and Radiological Health, the \nNational Institute of Standards and Technology, and the U.S. Army \nPublic Health Command have demonstrated that the radiation dose from a \nTSA general use backscatter AIT unit is well below established safety \nlimits for passengers, operators, and bystanders, including children, \npregnant women, frequent flyers, and individuals with medical implants. \nThese safety limits are based on recommendations published by NCRP. In \nfact, the average person receives more radiation naturally each hour \nthan they do from one screening by a general-use backscatter X-ray AIT \nsystem and receives the same amount of radiation exposure from 2 \nminutes of flight. These independent entities had full and direct \naccess to TSA's currently deployed general-use backscatter AITs during \ntheir evaluation and/or testing.\n                               conclusion\n    AIT has proven to be the most effective available technology to \nprotect the traveling public from evolving threats including non-\nmetallic explosive devices, has a strong array of privacy protections, \nis being efficiently deployed, and has been documented by experts \nindependent from TSA as safe for passengers and our own employees.\n    Thank you, Chairman Rogers, Ranking Member Jackson Lee, and Members \nof the subcommittee, for the opportunity to appear before you today. We \nlook forward to answering your questions.\n\n    Mr. Rogers. Thank you, Mr. Cantor, for your testimony. We \nappreciation you being here, and know your time is valuable.\n    Our second witness Mr. John Sanders currently serves as the \nassistant administrator for the Office of Security Capabilities \nat TSA. Mr. Sanders joined TSA in 2010 and served as the deputy \nassistant administrator for the Office of Security \nTechnologies, where he focused on day-to-day operations and \nassisted TSA senior leadership in the development and execution \nof risk-based security. Prior to joining TSA, Mr. Sanders \nworked in the private sector. He has more than 20 years of \nexperience in the aviation industry.\n    Mr. Sanders you are recognized for 5 minutes.\n\n STATEMENT OF JOHN SANDERS, ASSISTANT ADMINISTRATOR, OFFICE OF \n SECURITY CAPABILITIES, TRANSPORTATION SECURITY ADMINISTRATION\n\n    Mr. Sanders. Good morning, Chairman Rogers, Mr. Davis--or, \nsorry, Congressman Davis, and Congressman Richmond. Thank you \nfor the opportunity to testify today.\n    The Transportation Security Administration screens \napproximately 1.8 million people at 450 airports every day, \nemploying risk-based, intelligence-driven operations to prevent \nterrorist attacks and reduce our vulnerability to terrorism. We \ncontinue to evolve our approach by examining the policies, \nprocedures, and technologies we use to conduct screening.\n    TSA works with the private industry to develop and deploy \nthe best technology available to detect metallic and \nnonmetallic threats, such as the explosive devices used by the \nunderwear bomber on Christmas day 2009 and the improved device \ndiscovered in the disrupted plot this past May. These are \nthreats that walk-through metal detectors cannot detect.\n    TSA currently operates a mix of millimeter wave and \ngeneral-use backscatter AIT units at 200 airports. All of the \nmillimeter wave AIT units have been upgraded with automatic \ntarget recognition functionality, and testing is under way for \nATR in general-use backscatter machines.\n    Since the beginning of the AIT program, TSA worked closely \nwith the DHS Privacy Office to ensure that this program was a \nmodel for passenger privacy protections. ATR software further \nenhances passenger privacy by eliminating passenger-specific \nimages and improves throughput at the checkpoint. The software \nautodetects anomalies concealed on the body. They are then \nresolved through additional screening.\n    TSA places a premium on passenger safety with respect to \nAIT. Both types of AIT have been repeatedly evaluated and \ndetermined to meet all applicable National health and safety \nstandards. These tests have demonstrated that the radiation \nfrom a TSA general-use backscatter AIT screening is well below \nestablished safety limits for individuals being screened, \noperators, and bystanders, including children, pregnant women, \nfrequent flyers, and individuals with medical implants. In \nfact, the average person receives more radiation naturally each \nhour than they do from one screening by a general-use \nbackscatter X-ray AIT system, and receives the same amount of \nX-ray exposure from 2 minutes of flight at altitude on the \naircraft they are boarding. General-use backscatter X-ray AIT \nsystems undergo a radiation survey upon initial installation \nand every 6 months thereafter to ensure it stays in top working \ncondition. The surveys and periodic maintenance activities \nensure the equipment operates properly and meets all emission \nlimits.\n    I would like to close by emphasizing the AIT is the best \navailable technology to protect the traveling public from \nnonmetallic explosive devices, has a robust array of privacy \nprotections, is being efficiently deployed, and has been \ndocumented by experts independent from TSA as safe for \npassengers and our own employees.\n    I look forward to answering your questions.\n    Mr. Rogers. Did I just hear you say that it has been \nefficiently deployed?\n    Mr. Sanders. Yes, sir.\n    Mr. Rogers. We are taking 91 of these things worth $14 \nmillion and going to put them in a warehouse. That is \nefficient?\n    Mr. Sanders. When we look at the number of passengers that \nwe are screening, if you look at the redeployment, right now we \nare scanning with those machines about 26 percent of the \npassengers that are walking through the checkpoints. With the \nredeployment it allows us to increase that AIT utilization from \n26 percent to 76 percent, which equates at those 7 airports to \nabout 180,000 more passengers per day through our most \neffective technology.\n    Mr. Rogers. So what is going to happen with these 91 \nmachines?\n    Mr. Sanders. It is my hope that the contractor that we are \nworking with will be able to develop the ATR software. We will \nbe able to put them on those machines and then redeploy them at \na later date.\n    Mr. Rogers. Now, you know, it was announced 2 or 3 weeks \nago, thereabouts, that TSA was going to move these to smaller \nairports, and that has changed. They are going to go to the \nwarehouse. What happened? What happened with the software \nupgrade that was supposed to be done? Were you all expecting to \ndo a software upgrade before you put them in the smaller \nairports?\n    Mr. Sanders. We made a decision in May of this year to do a \nredeployment, as I said, to provide the most effective and \nefficient solution. In the May-through-July time frame, the \nsystems were undergoing operational test and evaluation, which \ncompleted at the end of July. Then there is a period where a \nsystems evaluation report as well as a letter of assessment is \nwritten by DHS Test and Evaluation Group, and we were expecting \nto start the redeployment of those eight AIT systems, the \ngeneral-use millimeter waves or the general-use backscatter \nsystems, to smaller airports starting in October through the \nend of the year.\n    Mr. Rogers. When did TSA first discover that the \nbackscatter AIT vendor might have manipulated the operational \ntest?\n    Mr. Sanders. I wouldn't say, sir, that we believe--that we \nhave any evidence that--documents that they absolutely did.\n    Mr. Rogers. But my understanding is that you suspect it.\n    Mr. Sanders. We have information that we have contacted the \nmanufacturer to ask for additional information so that we can \nlook into the matter further.\n    Mr. Rogers. You said in your opening statement that these \nmachines had been independently evaluated. Was that just as to \nthe health risks, or was it to the efficacy of the machine?\n    Mr. Sanders. Both, sir. With regards to the health effects, \nwe have had numerous independent tests performed. They include \nthe Food and Drug Administration, the Johns Hopkins University \nApplied Physics Laboratory, the U.S. Army Public Health \nCommand, and the National Institute of Standards and Technology \nhave all looked at them with regards to the safety, and all of \nthose have independently verified----\n    Mr. Rogers. What about the efficacy?\n    Mr. Sanders. The efficacy has done--is being performed by \nboth GAO, the DHS inspector general, as well as TSA's own \ncovert testing.\n    Mr. Rogers. Well, that is my concern, is how could the \nvendor manipulate the outcome if, in fact, a third party is \ndoing the evaluation?\n    Mr. Sanders. Again, sir, I don't have any concrete \ninformation at this point that the vendor absolutely did \nanything that would lead to malfeasance. I think right now it \nis predecisional. We are in possession of the information, and \nwe have contacted the vendor to provide us additional \ninformation with regards to that so that we can actually \ndetermine if that did occur.\n    Mr. Rogers. I understand that, but my question is this: If \nthe vendor is not doing the evaluation, a third party is, how \ncould the vendor manipulate the results, even assuming that \nthat happened? How could they if there is a third party? The \nvendor wouldn't have any ability to manipulate them, would \nthey?\n    Mr. Sanders. No, sir, they would not have. Once the \noperational test and evaluation begins, the system is under \nconfiguration control, and there is no opportunity for the \nvendor to make any changes to the system. Again, at the \nbeginning of the program, before something gets under way, we \nmight believe that the system is in one configuration when it \nis not in that particular configuration.\n    At this point we don't know what has occurred, and as I \nhave said, we are--we have contacted the vendor, and we are \nworking with them to get to the bottom of it to see if there is \nany----\n    Mr. Rogers. When you all made the announcement that you all \nwere going to move these to smaller airports, was it your \nexpectation to move them to the smaller airports with the \ncurrent software configuration?\n    Mr. Sanders. No, sir, it was----\n    Mr. Rogers. It was only if you could upgrade the software \nto the stickman image.\n    Mr. Sanders. Yes, sir, that is correct.\n    Mr. Rogers. You really thought that it was going to be \nable--you were going to be able to do that?\n    Mr. Sanders. Yes, sir, we did.\n    Mr. Rogers. You didn't know at that time that you made the \nannouncement that it was not possible?\n    Mr. Sanders. No, sir, we had every belief that the \ncontractor would be able to meet their commitments and provide \nthe ATR, and we would have it in the field.\n    Mr. Rogers. My time is expired. I got some more questions. \nWe will do another round in a few minutes.\n    Mr. Davis is recognized.\n    Mr. Davis. Thank you, Mr. Chairman.\n    Before I begin with my questioning, I would like to ask \nunanimous consent that the prepared testimony of EPIC, the \nDemocrat witness denied by the Majority, be inserted into the \nrecord.\n    Mr. Rogers. Without objection, so ordered.\n    [The joint statement of Mr. Rotenberg, Ms. McCall, and Mr. \nScott follows:]\n Joint Statement of Marc Rotenberg, President, EPIC; Ginger P. McCall, \n    Director, EPIC Open Government Project; and Jeramie Scott, EPIC \n                        National Security Fellow\n                           November 15, 2012\n    Mr. Chairman and Members of the subcommittee: Thank you for holding \nthis hearing and for the invitation to EPIC to submit a statement for \nthe record. The Electronic Privacy Information Center (``EPIC'') is a \nnon-partisan research organization, focused on emerging privacy and \ncivil liberty issues. For the last several years, EPIC has devoted \nconsiderable attention to the problems with the Transportation Security \nAdministration's (``TSA'') airport screening procedures. In the course \nof this work, we have uncovered a great deal of information that we \nbelieve will be of interest to the Subcommittee on Transportation \nSecurity.\n    This statement summarizes several of our major findings, as well as \nthe recent decision from the D.C. Circuit Court of Appeals in EPIC v. \nDHS, which held that the agency failed to undertake a public rulemaking \nas required by law. We believe that if the agency had pursued the \npublic comment process at the outset, the decision to deploy \nbackscatter X-ray devices could have been averted, taxpayer dollars \nsaved, privacy and health risks avoided, and more effective techniques \nto safeguard air travel developed.\n         the public concerns about airport screening procedures\n    In the aftermath of 9/11, it was clear that steps needed to be \ntaken to improve aviation security. However, not all measures developed \nwere equally effective. Protecting cockpits on commercial aircraft was \ncritical. But many of the devices developed for screening passengers, \nsuch as the ``puffer'' devices, proved ineffective. Among the most \ncontroversial was the deployment of Whole Body Imaging (``WBI'') \ndevices, designed to reveal the air traveler stripped naked.\n    In 2005, EPIC published the first report that examined the privacy \nand health impacts of the TSA's proposed body scanner technology.\\1\\ \nSince that time we have organized public conferences, received \ncomplaints from the traveling public, and worked with other \norganizations that share our concern about this program.\\2\\\n---------------------------------------------------------------------------\n    \\1\\ EPIC, ``Spotlight on Surveillance: Transportation Agency's Plan \nto X-Ray Travelers Should Be Stripped of Funding'' (June 2005), http://\nepic.org/privacy/surveillance/spotlight/0605/.\n    \\2\\ See, e.g., EPIC, ``Whole Body Imaging Technology and Body \nScanners (`Backscatter' X-Ray and Millimeter Wave Screening),'' http://\nepic.org/privacy/airtravel/backscatter/; EPIC, ``EPIC v. DHS \n(Suspension of Body Scanner Program)'' http://epic.org/privacy/\nbody_scanners/epic_v_dhs_suspension_of_body.html; EPIC, ``EPIC v. \nDepartment of Homeland Security--Body Scanners'' http://epic.org/\nprivacy/airtravel/backscatter/epic_v_dhs.html; and EPIC, ``The \nStripping of Freedom: A Careful Scan of TSA Security Procedures'' \n(Public Conference) (Jan. 6, 2011), http://epic.org/events/tsa/. EPIC \nalso maintains a webpage where travelers can fill out a Body Scanner \nIncident Report (http://epic.org/bodyscanner/incident_report/).\n---------------------------------------------------------------------------\n    EPIC has also pursued Freedom of Information Act (``FOIA'') cases \nto learn more about the body scanner devices. We believe it is \nessential to assess the actual operation of the devices. When we say \nthat there are on-going privacy risks to American travelers and that \nthe TSA has not done enough to safeguard privacy, we are not \nspeculating. We are pointing to facts about the devices that are known \nto the TSA, which the agency has been reluctant to discuss with \nCongress or the American public.\n    Following two FOIA lawsuits against the agency, EPIC received the \nTSA's Procurement Specifications for body scanners.\\3\\ The Procurement \nSpecifications provided specific stipulations made by the agency for \nthe vendors L3 and Rapiscan, which showed: (1) TSA required the body \nscanners to have the capability to store, record, transmit images of \nthe naked human body, (2) that the machines were not designed to detect \npowdered explosives, and (3) that the privacy filters could be turned \noff.\\4\\\n---------------------------------------------------------------------------\n    \\3\\ TSA Office of Security Technology System Planning and \nEvaluation, Procurement Specification for Whole Body Imager Devices for \nCheckpoint Operations, Sept. 23, 2008 (``TSA Procurement Specifications \nDocument''), available at http://epic.org/open_gov/foia/\nTSA_Procurement_Specs.pdf.\n    \\4\\ TSA Procurement Specifications Document at 5 (stating ``[w]hen \nin Test Mode, the WBI: shall allow exporting of image data in real \ntime; . . . shall provide a secure means for high-speed transfer of \nimage data; [and] shall allow exporting of image data (raw and \nreconstructed)''); Several reports and articles reach a similar \nconclusion. See, e.g., Leon Kaufman and Joseph Carlson, An Evaluation \nof Airport X-ray Backscatter Units Based on Image Characteristics, \nJournal of Transportation Security, http://springerlink.com/content/\ng6620thk08679160/fulltext.pdf; GAO, ``Aviation Security: TSA Is \nIncreasing Procurement and Deployment of the Advanced Imaging \nTechnology, but Challenges to This Effort and Other Areas of Aviation \nSecurity Remain'' (Mar. 17, 2010), http://www.gao.gov/assets/130/\n124207.pdf.\n---------------------------------------------------------------------------\n    In the spring of 2009, when we became aware that the TSA was \nplanning to deploy the body scanner for primary screening in U.S. \nairports, we worked with a broad range of organizations and \nrespectfully petitioned Secretary Napolitano to postpone the planned \ndeployment until the public was given the opportunity to express its \nviews on this dramatic change in agency procedure.\\5\\ We asked the \nDepartment of Homeland Security (``DHS'') to suspend the body scanner \nprogram while conducting ``a rulemaking process to receive public input \non the agency's use of `Whole Body Imaging' technologies.''\\6\\ While \nDHS began to aggressively deploy full-body scanners, EPIC received no \nresponse to our initial petition. In spring of 2010, EPIC submitted a \nsecond petition to Secretary Napolitano and DHS Chief Privacy Officer \nMary Ellen Callahan and urged DHS to suspend the body scanner program \nin light of questions about the effectiveness of body scanners, \ntraveler complaints, privacy risks, and religious objections.\\7\\\n---------------------------------------------------------------------------\n    \\5\\ Letter from EPIC and 33 organizations to Secretary Janet \nNapolitano, U.S. Dep't of Homeland Security (May 31, 2009), http://\nepic.org/privacy/airtravel/backscatter/Napolitano_ltrwbi-6-09.pdf.\n    \\6\\ Id.\n    \\7\\ Letter from EPIC, et. al. to Secretary Napolitano and Chief \nPrivacy Officer Callahan, U.S. Dept. of Homeland Security (Apr. 21, \n2010), http://epic.org/privacy/airtravel/backscatter/\npetition_042110.pdf.\n---------------------------------------------------------------------------\n                              epic v. dhs\n    Following the Secretary's failure to respond to either of our \npetitions calling for public rulemaking, EPIC filed a lawsuit against \nDHS in the D.C. Circuit Court of Appeals. In the suit, we argued that \nthe airport body scanner program violated several privacy laws, the \nAdministrative Procedure Act, and the Fourth Amendment. We said that \nthe Department of Homeland Security ``has initiated the most sweeping, \nthe most invasive, and the most unaccountable suspicionless search of \nAmerican travelers in history.''\\8\\\n---------------------------------------------------------------------------\n    \\8\\ Opening Br. For Petitioners EPIC Chip Pitts, Bruce Schneier, \nand Nadhira Al-Khalili, available at http://epic.org/\nEPIC_Body_Scanner_OB.pdf.\n---------------------------------------------------------------------------\n    The D.C. Circuit Court of Appeals ruled that the TSA failed to \nundertake the required notice-and-comment rulemaking when the agency \nchose to make body scanners the primary screening method at U.S. \nairports.\\9\\ The Court ordered TSA to ``act promptly'' in conducting a \nnotice-and-comment rulemaking.\\10\\ Since that decision in July of 2011 \nwe have sought to have the agency comply with the Order of the court.\n---------------------------------------------------------------------------\n    \\9\\ EPIC v. U.S. Dep't of Homeland Sec., 653 F.3d 1, 8 (D.C. Cir. \n2011).\n    \\10\\ Id.\n---------------------------------------------------------------------------\n    With respect to the other claims, the D.C. Circuit Court of Appeals \ndetermined that there was no substantive violation of privacy rights \nbecause ``[n]o passenger is ever required to submit to an AIT [Advanced \nImaging Technology] scan.'' The Court expressed further concern about \nthe agency's conduct:\n\n``Signs at the security checkpoint notify passengers they may opt \ninstead for a patdown, which the TSA claims is the only effective \nalternative method of screening passengers. A passenger who does not \nwant to pass through an AIT scanner may ask that the patdown be \nperformed by an officer of the same sex and in private. Many passengers \nnonetheless remain unaware of this right, and some who have exercised \nthe right have complained that the resulting patdown was unnecessarily \naggressive.''\n\n    EPIC, 653 F.3d at 3.\\11\\ Even with this clear determination from \nthe court, we continue to receive complaints from passengers that they \nare not told they can opt out or that they receive overly aggressive \npat-downs when they do.\n---------------------------------------------------------------------------\n    \\11\\ The Court further stated ``any passenger may opt out of AIT \nscreening in favor of a patdown, which allows him to decide which of \ntwo options for detecting a concealed, nonmetallic weapon or explosive \nis least invasive.'' EPIC, 653 F.3d at 10.\n---------------------------------------------------------------------------\n  the risk of more widespread deployment of whole body imaging devices\n    EPIC pursued additional efforts regarding the development of mobile \nbody scanners, the use of body scanners at courthouses, and the \nradiation risks presented by backscatter X-ray body scanners. \nAdditionally, EPIC continued to push for TSA to do the court-ordered \nnotice-and-comment rulemaking in the face of persistent delay by the \nagency.\nMobile Body Scanners\n    The use of body-scanner technology has expanded beyond air travel \nto include use at other venues and the use of mobile scanning \ntechnology. In March 2010, the DHS released a ``Surface Transportation \nSecurity Priority Assessment,'' which detailed the agency's plans to \nconduct risk assessments and implement new body-scanner technology in \nAmerica's surface transportation system.\\12\\ In 2006 and again in 2009, \nbody-scanner technology was tested on Port Authority Trans-Hudson New \nYork/New Jersey train riders. Moreover, mobile body scanners \ntraditionally used in the warzones of Afghanistan and Iraq, have now \nbeen deployed on U.S. streets.\\13\\\n---------------------------------------------------------------------------\n    \\12\\ TSA, Surface Transportation Security Priority Assessment, \navailable at http://www.whitehouse.gov/sites/default/files/rss_viewer/\nSTSA.pdf.\n    \\13\\ Andy Greenberg, Full-Body Scan Technology Deployed in Street-\nRoving Vans, FORBES, Aug. 24, 2010, http://www.forbes.com/sites/\nandygreenberg/2010/08/24/full-body-scan-technology-deployed-in-street-\nroving-vans/.\n---------------------------------------------------------------------------\n    In response to a 2010 Freedom of Information Act request and \nsubsequent lawsuit, EPIC obtained documents from the DHS indicating \nthat the agency has spent millions of dollars developing and acquiring \nmobile body-scanner technology to be used in surface transit and other \nhigh-occupancy venues.\\14\\ According to the documents obtained by EPIC, \nthe Federal agency plans to expand the use of these systems to monitor \ncrowds--peering under cloths and inside bags away from airports.\n---------------------------------------------------------------------------\n    \\14\\ DHS, ``Privacy Impact Assessment for the Rail Security Pilot \nStudy Phase II at PATH'' (July 12, 2006), available at http://epic.org/\nprivacy/body_scanners/EPIC_Body_Scan_FOIA_Docs_Feb_2011.pdf.\n---------------------------------------------------------------------------\nScanners in Courthouses\n    In another example of body scanners being used outside the context \nof airport security, EPIC filed a FOIA request with the United States \nMarshalls Service to obtain information about the agency's use of full-\nbody scanners for courthouse security. EPIC pursued the case in Federal \ncourt, and has obtained acknowledgement by the U.S. Marshalls Service \nthat a single machine has stored ``approximately 35,314 images'' of the \nfull-body scans of courthouse visitors over a 6-month period.\\15\\\n---------------------------------------------------------------------------\n    \\15\\ EPIC Press Release, Documents Reveal that Body Scanners \nRoutinely Store and Record Images, Aug. 3, 2010, http://epic.org/press/\nEPIC_Body_Scanner_Press_Release_08- _03_10.pdf.\n---------------------------------------------------------------------------\nNotice-and-Comment Rulemaking\n    After the D.C. Circuit Court of Appeals' 2011 ruling mandating that \nthe TSA ``promptly'' undertake notice and comment rulemaking,\\16\\ a \nyear passed without agency action. EPIC then urged the Court to require \nthe Secretary of Homeland Security to begin a public comment process or \nsuspend the program.\\17\\ The agency subsequently replied that it will \n``finalize documents'' by February 2013.\\18\\ The D.C. Circuit Court of \nAppeals' then laid out a firm deadline for the TSA, stating that it \nexpects the agency to publish the rule before the end of March \n2013.\\19\\\n---------------------------------------------------------------------------\n    \\16\\ EPIC., 653 F.3d 1 (D.C. Cir. 2011).\n    \\17\\ EPIC's Petition for a Writ of Mandamus to Enforce This Court's \nMandate, July 17, 2012, available at http://epic.org/privacy/\nbody_scanners/EPIC-Petition-for-Writ-of-Mandamus.pdf.\n    \\18\\ Resp't Resp to Opp'n to Pet. For Writ of Mandamus at 2 (Aug. \n30. 2012), available at http://epic.org/privacy/body_scanners/DHS-\nResponse-in-Opposition.pdf.\n    \\19\\ United States Court of Appeals for the District of Columbia \nCircuit Court Order (Sept. 25, 2012), available at http://epic.org/\nprivacy/body_scanners/DC-Cir-Mandamus-Order.pdf.\n---------------------------------------------------------------------------\n          rejection of body scanners outside the united states\n    The United States remains one of the very few countries in the \nworld that subjects air travelers to body screening technology and \nperhaps the only country that continues to use backscatter X-ray \ndevices. The European Union, and the 27 member countries it represents, \nrejected the use of backscatter X-ray devices at airports.\\20\\ \nAdditionally, the European Union adopted strict operational and \ntechnical requirements for the use of body scanners generally.\\21\\ The \nadditional conditions include, for example, not linking the image to \nthe screened person, informing passengers of the conditions under which \nthe scanning takes place, and giving passengers the right to opt \nout.\\22\\\n---------------------------------------------------------------------------\n    \\20\\ European Commission Press Release, Aviation Security: \nCommission Adopts New Rules on the Use of Security Scanners at European \nAirports, Nov. 14, 2011, http://europa.eu/rapid/pressrelease_IP-11-\n1343_en.pdf.\n    \\21\\ Id.\n    \\22\\ Id.\n---------------------------------------------------------------------------\n                               conclusion\n    The TSA's decision to remove the backscatter X-ray devices from \nmajor airports in the United States lends considerable support to the \nobjections that EPIC and others have raised about the airport screening \nprogram. Perhaps if the agency had undertaken the public rulemaking \nwhen many organizations and air travelers asked them to do so, money \nwould have been saved and risks to health, privacy, and religious \ninterests of travelers diminished.\n    Still, the subcommittee should press the agency to begin the public \ncomment process. Travelers have the right to express their views about \nthe agency program.\n\n    Mr. Davis. Thank you, thank you very much, Mr. Chairman.\n    Mr. Sanders, there was an article published earlier this \nweek regarding sensitive information you provided to Congress \nregarding potential vendor misconduct. Could you explain for \nthe committee why it is important that sensitive information \nregarding potential misconduct by a vendor not be leaked \npublicly before the vendor has the opportunity to respond?\n    Mr. Sanders. Yes, sir, if I could answer that question with \nregards to my experience from private industry. I can say as a \nformer small business owner, it can be devastating to the \nbusiness to have allegations made that have not--the proper due \nprocess has not been allowed to take place so that you can \nrespond to those before it gets into the press, and it becomes \na discussion, if you will, in a public forum that does not \nallow the company to defend themselves.\n    Mr. Davis. So it is very possible that the allegations not \nnecessarily be proven, and unnecessary damage then would have \nbeen done to the vendor as well as to the users as well?\n    Mr. Sanders. Yes, sir, that is a possibility.\n    Mr. Davis. While I am asking, a February 2012 DHS OIG \nreport on TSA's use of backscatter AIT units reviewed previous \nTSA radiation studies, but did not include the results of any \nof the new tests. My question: Has TSA ever conducted testing \non the day-to-day and the cumulative effect of workplace \n``zinging'' radiation on TSOs and other TSA employees, and if \nnot, why? If so, can we provide the results of those tests?\n    Mr. Sanders. Yes, sir. We have conducted both independent \nand--independent tests as well as tests by TSA, and we would be \nhappy to share those with you.\n    Mr. Davis. Then while integrating ATR software into its AIT \ndevices, TSA has moved older backscatter X-ray machines out of \nthe major airports with a high volume of passengers. Please \nexplain the rationale behind this and the efforts that will be \ntaken to ensure privacy and security requirements are met at \nlocations receiving the backscatter X-ray machines.\n    Mr. Sanders. So the redeployment was done to provide the \nmost effective and efficient security possible to the traveling \npublic. When we moved those machines out, we knew that we could \nincrease, dramatically increase, the AIT utilization as well as \nthe number of passengers that would be screened by our most \neffective technology to detect nonmetallic threats.\n    As I said earlier, the number of passengers at those 7 \nairports that we are now screening as a result of that \nredeployment has increased by 180,000 passengers per day. In \nresponse to your question with regards to the security of and \nthe safety when it comes to the smaller airports, it was always \nour intention in the redeployment to ensure that ATR was on \nthose systems before they were redeployed to the smaller \nairports.\n    Mr. Davis. Well, let me ask you, to date how much money has \nbeen invested in AIT machines, and how much will we need to \ninvest before TSA gets to its target deployment numbers?\n    Mr. Sanders. To date we have spent about $140 million on \nAIT equipment, but $100 million of that is for the millimeter \nwave system, and about $40 million is for the general-use \nbackscatter systems.\n    With regards to your question on how do we--how much \nadditional money will we have to spend? I can't answer that \nquestion right now. It is something that we are looking at, and \nthe reason I can't answer that is TSA is transforming into a \nrisk-based, intelligence-driven organization, as this committee \nis aware. As part of that, we are making decisions that--with \nregards to PreCheck and what we do with risk-based security. As \npart of that, we are looking at the business case around AIT \nequipment, understanding that it is critically important that \nwe use AIT technology because it is the best technology that we \nhave available to mitigate against known and evolving threats. \nBut we don't have a final number with regards to how many we \nwill have to put in--how many systems we will need once we move \nforward with the risk-based security initiatives.\n    Mr. Davis. Thank you very much.\n    Thank you, Mr. Chairman.\n    Mr. Rogers. I thank the gentleman.\n    The gentleman from New Orleans Mr. Richmond is recognized \nfor 5 minutes.\n    Mr. Richmond. Thank you.\n    Mr. Sanders, I think earlier this year it was mentioned \nthat you all wanted to purchase an additional 200 AIT machines. \nHow many did you purchase, and how many do you think you need \nto have full coverage?\n    Mr. Sanders. In May of this year, Mr. Richmond, we \npurchased an additional 200 systems, bringing the total that we \nhave purchased to 1,000 systems. Right now our stated full \noperational capability is 1,800 systems to cover all of our \nlanes at all of the airports. As I said, though, that we are \nreevaluating what that full operational capability is going to \nbe given the initiative that Mr. Pistole kicked off with \nregards to risk-based security.\n    Mr. Richmond. You mentioned, and the Chairman asked you a \nquestion about it also--you mentioned efficiency, and I think \nyou can talk about the machines and make sure they are \ndeployed, but when you are talking about efficiency, tell me \nwhat you are talking about.\n    Mr. Sanders. I am talking about a couple of things. I am \ntalking about the number of passengers that we can put through \nour most effective technology to look for nonmetallic threats. \nAlso I am talking about the passenger experience. If you look \nat the amount of time it takes for a pat-down right now, it \ntakes about 80 seconds to do a pat-down. If you put an \nindividual through an AIT system with an image operator \nattached to it, that takes a certain amount of time as well. \nBut when we move to ATR, we can get that processing time down \nto 12 seconds, which allows us to put more people through them, \nthereby using our most beneficial technology to detect a \nthreat.\n    Mr. Richmond. So you are strictly limiting that to \nefficiency in terms of technology. I understand you are saying \nthat a pat-down is 80 seconds compared to 12 seconds going \nthrough the machine, but that doesn't calculate the human \ndecisions that are made going through checkpoints. Part of, I \nguess, my question to you is do you all coordinate from the \ntechnology side with the actual people who guide people \nthrough, and do all of those things to make sure that things \nare working efficiently?\n    Let me just give you my short frustration. You can have all \nof the machines in the world, but if you don't have two or \nthree tables put together so people can put their items into \nthose things to go through the machine so that they can walk \nthrough the AIT, then we are not becoming more efficient. The \ntechnology is more efficient, but the incompetence reduces the \nefficiency of the machine.\n    So have you all--and I guess from the technology \nstandpoint, have you all worked with the human factors and the \npeople who make the decisions to tell them what an optimal site \nshould look like in terms of being efficient so people can get \nthrough in the 12 seconds? The machine is 12 seconds, but not \nthe process to get through it. So that is my question.\n    Mr. Sanders. Yes, sir, we work very closely with the Office \nof Security Capabilities on that very point.\n    I misunderstood your question. So when we deployed the AIT \nsystems originally, we never had the full staffing to allow us \nto handle that. So what we had to do is make some risk-based \ndecisions, and what we decided at the time, because of the \nintelligence, is to move FTEs away from other layers of \nsecurity and apply them to the AIT systems.\n    Now that we have the ATR, it allows us to process people. \nIt also allows us to make decisions to move those FTE to other \nsecurity layers so that we are getting the efficiencies that \nyou are referring to.\n    Mr. Richmond. Well, and I would just say that in terms of \ntechnology, I don't have many complaints, and I think that you \nall are putting a good effort in trying. But my experience \nnow--and I guess the new word is ``evolving.'' I am evolving on \nprivatizing of TSA, because I just am getting increasingly \nfrustrated with the incompetency of the checkpoints, and not \njust--not the people at the checkpoint, but the management at \nthe checkpoint.\n    So I would just ask you to take that back to TSA, that the \nstaunch supporters that they have had they are losing over \nsmall decisions that any business person or person with common \nsense would make at checkpoints. The management is increasingly \nfrustrating not only in my home airport, but at other airports \nalso.\n    Thank you, Mr. Chairman. With that I yield back.\n    Mr. Rogers. I completely concur with Mr. Richmond's \nobservations, and I have conveyed that to Mr. Pistole that the \nDepartment has a real problem with the public level of \nconfidence, but it is penetrating the Congress pretty badly, \nand you all have got to remedy that. You really do.\n    I am really aggravated about this $91 million being wasted. \nYou know, we have made the mistake with the--you all made the \nmistake with the puffer machines, and now you are going to have \nto move them over in the warehouse to put these machines in. It \nis like you spend money on the latest technology first and then \ntest it later, and we are broke. I mean, the country, we are \nreally struggling with some tough budgetary decisions, and it \nis just really hard to understand how this happens. Now I \nunderstand that TSA has spent $5 million developing this ATR \nsoftware for the backscatter machines, and it is not working. \nDo you know how much more money you are going to spend to get \nthis software right?\n    Mr. Sanders. Sir, we have no intention to spend additional \nmoney on the ATR software.\n    Mr. Rogers. Okay, good. I am glad to hear that.\n    Mr. Cantor, you talked a little bit a while ago about you \nput the signs up letting people know they have got a choice \nbetween going through the AIT machines or a pat-down. Have you \nall thought about giving them another alternative, that if they \ndon't have a problem with the software, they can go through a \nlane that has these? Because some people like me don't care. If \nI can get through that line faster, it doesn't matter to me. \nRather than put these things in a warehouse, have you thought \nabout just allowing the public that option?\n    Mr. Cantor. Matters about how the machines are actually \ndeployed----\n    Mr. Rogers. The privacy issue.\n    Mr. Cantor. Okay.\n    Mr. Rogers. I mean, some people just don't care. I mean, \nsome people are very sensitive to it, and I understand and \nappreciate that. But I can tell you that if you had a lane that \nsaid, you know, this is the stickman lane, and the line is \ntwice as long as this lane, and if you don't--if you are not \nconcerned about the privacy issue, you can go through this \nlane, a lot of folks are going to say, let us do it. Why put \nthe things in a warehouse when you can give us that option?\n    Mr. Cantor. From a privacy perspective we designed the \noperational protocols for the original machines; for example, \nthe TSO in a separate room and obscuring of the image. Those \noperational proposals from a Privacy Office's perspective are \nstill valid for those machines. The ATR-enabled devices are \nalso a valid, you know, implementation of that, so the \noperational usage would be a decision on that TSA would make.\n    Mr. Rogers. But to your knowledge, as the privacy officer, \nyou are not aware that that has been discussed?\n    Mr. Cantor. Not with my office.\n    Mr. Rogers. How about you, Mr. Sanders?\n    Mr. Sanders. Sir, I would say that these--it has never been \na question whether these machines are effective from a security \nperformance perspective.\n    Mr. Rogers. That is my point. So why are you going to put \nthem in a warehouse when you can give consumers another option \nand still use the machines? I mean, $91 million is a lot of \nmoney. Or is it--how much? Fourteen million dollars.\n    Mr. Sanders. Fourteen million dollars.\n    Mr. Rogers. For 91 machines.\n    Mr. Sanders. Yes, sir. We are putting them in the warehouse \nwaiting to see how the ATR deployment--or development works out \nso that we can deploy them with ATR. That decision is primarily \nbased on the mandate to have ATR in all the machines by June 1 \nof this year, or of 2013.\n    Mr. Rogers. Okay. According--so are you going to make that \ndeadline, the mandate?\n    Mr. Sanders. Yes, sir. We will make the deadline that all \nof the machines in the field have ATR software on them.\n    Mr. Rogers. By June 2013.\n    Mr. Sanders. Yes, sir.\n    Mr. Rogers. Okay. How long would it take for the 91--or how \nlong do you expect the 91 machines to sit in storage?\n    Mr. Sanders. Sir, at this point I cannot answer that. We \nare talking to the manufacturer on the time line to get to the \nATR, and we are waiting to hear back from them.\n    Mr. Rogers. What about the remaining 155 backscatter \nmachines? What is going to happen with them?\n    Mr. Sanders. That goes back to your earlier question, sir. \nIf we are not able to make the--we are going to make the \ndeadline of June 1, 2013, to have ATR in all of the AIT systems \nin the field, so we will have to make business decisions with \nregards to that as we progress and learn additional \ninformation.\n    Mr. Rogers. My understanding is you have the next \ngeneration of AIT, which is AIT-2, coming out soon; is that \ncorrect?\n    Mr. Sanders. Yes, sir.\n    Mr. Rogers. What developments, if any, can you share with \nus on that technology?\n    Mr. Sanders. We awarded three contracts to three different \ncompanies. One of them--we have awarded three contracts to \nthree companies. The total value of each of those contracts is \nabout $1 million for low-rate initial production. We are going \nthrough the testing process now to ensure that they are \nsuitable and effective, and then we will make decisions on the \nprocurement once we have those results.\n    Mr. Rogers. All right. Thank you very much. My time is \nexpired.\n    Mr. Davis, if you have any additional questions, you are \nrecognized.\n    Mr. Davis. Thank you very much, Mr. Chairman.\n    Mr. Sanders, let me just ask, do you know how much--what \nthe total dollar value is of security devices and machines that \nwe have in storage?\n    Mr. Sanders. Yes, sir. It is roughly about $155 million \nthat is in storage waiting for redeployment, or waiting to be \ndisposed.\n    Mr. Davis. We do expect that much of that is going to be \nused; that it is just a matter of when we are able to \neffectively do so.\n    Mr. Sanders. Yes, sir. It is a combination of machines or \nequipment that has to be disposed because it has served its \npurpose and it has come to the end of its useful life, as well \nas equipment that we are waiting to deploy. We expect that in \n2013 that that number will be down closer to about $75 million.\n    Mr. Davis. Thank you very much.\n    Mr. Cantor, could you describe for us the role the DHS \nPrivacy Office plays in responding and addressing privacy \ncomplaints pertaining to airport screening operations? Please \nspeak to the procedures and policies used by the DHS Privacy \nOffice in assessing and investigating privacy complaints made \nby travelers.\n    Mr. Cantor. Yes. As you know, the DHS Travelers Redress \nInquiry Program, more commonly known as DHS TRIP, serves as a \none-stop shop for traveler redress for all of the DHS \ncomponents. DHS TRIP provides a mechanism through which \npassengers can voice their concern about particular travel \nexperiences, including their experience with AIT or pat-downs.\n    If the TRIP system tasks a complaint involving AIT or a \npat-down to the Privacy Office for review, we would refer it to \nTSA's contact center and to the TSA Privacy Office as required \nby TSA's policies. The DHS Chief Privacy Officer serves as a \nmember of the TRIP advisory board, and my office's privacy \noversight team works with any relevant component as well as the \nDHS Office of Civil Rights and Civil Liberties to effectively \naddress TRIP complaints tasked to the Privacy Office.\n    Mr. Davis. Does the DHS Privacy Office have a position on \nthe deployment and continued use of AIT machines that are not \nequipped with the ATR privacy software?\n    Mr. Cantor. Our position with the deployment of non-ATR-\nenabled machines is that as long as they follow the approved \nprivacy protocols that we went through with TSA and developed \nin our privacy impact assessment, that is okay from our \nperspective.\n    Mr. Davis. Thank you very much.\n    Mr. Chairman, I have no further questions and yield back.\n    Mr. Rogers. I thank the gentleman.\n    I just got a few remaining questions, and this is for Mr. \nCantor. Would you agree that DHS and TSA underestimated the \nprivacy concerns with AIT machines when that technology was \nmoved into the marketplace?\n    Mr. Cantor. No, I don't think so. We understood from the \noutset that many people would find this technology \nuncomfortable, and that is why the Department took its \nresponsibility to protect the privacy of each and every \npassenger very seriously. We deployed AIT only after we were \nfully confident it would work in an operational environment, \nand with the appropriate privacy safeguards in place.\n    As threats changed and the technology evolved to meet those \nthreats, we continue to update the privacy protections while \nfulfilling our missions, and we continue that rigorous process \nof considering the available technology and updating our \nprivacy protections as appropriate.\n    Mr. Rogers. Are you suggesting that you all moved to the \nATR just--and it wasn't in response to the privacy concerns?\n    Mr. Cantor. It would be my view that we moved to the ATR as \na happy combination of both. It has operational benefits for \nTSA in addition to having an added privacy benefit. However, at \nthe time that the initial procurements took place to deploy the \nAIT machines, there was no option of satisfactory ATR-enabled \ndevices.\n    Mr. Rogers. What kind of review or evaluation did you do \nbefore deployment of the machines to kind of gain a perspective \non how people may react to them before you made the purchase?\n    Mr. Cantor. Sir, the way that we traditionally work with \ncomponents is we partner with the component. The components \nwould come to us with the proposal or an idea to move \nsomething. We would work together with them, evaluate their \nproposal, talk to them about privacy-mitigation strategies, \nworking through the component privacy officer.\n    In this case that is exactly what we did. We worked through \nthe TSA Privacy Office with TSA and closely evaluated the \ntechnology, you know, responded to their concerns about the \nthreat and their operational realities in terms of dealing with \nthat threat, and helped, working with them, design operational \nprotocols and technological protocols that we could put in \nplace to help mitigate the risks to privacy.\n    Mr. Rogers. How closely does your Department work with TSA \non these issues?\n    Mr. Cantor. Very closely.\n    Mr. Rogers. Can you give us some assurance based on that \nworking relationship that you are going to be able to avoid \nthis kind of situation in the future?\n    Mr. Cantor. Yes. I mean, as a matter of process, we subject \nevery program throughout the Department with privacy \nimplications to rigorous review. I don't sign PIAs unless I am \nsatisfied that, you know, the component has sufficient privacy \nprotections in place. Indeed, the initial deployment of AIT \nincorporate many privacy protections, some of which we have \nalready gone through, such as the signage, the remote viewer of \nthe TSO, and no ability, you know, to see the person going \nthrough the screening. That evolution that you have seen in AIT \nto AIT with ATR-enabled devices demonstrates that we are \ndedicated to continually improving our technologies, including \nthe screening technologies, and how we protect privacy.\n    You know, we have reviewed our privacy safeguards for AIT \nas the technology has changed, and we will continue to do so to \nensure future screening technologies----\n    Mr. Rogers. Let me ask you, do you believe that smaller \nairports are going to have the physical capacity to take these \nmachines once the ATR software upgrades are possible? There is \na lot of--you know, when you think about some of the smaller \nairports, these things take up a lot of room. Do you think it \nis realistic to expect to move them into these smaller \nairports?\n    Mr. Cantor. I would have to defer to my colleague on the \nsize of the airports and their operational capabilities.\n    Mr. Rogers. Mr. Sanders.\n    Mr. Sanders. Yes, sir, I do.\n    Mr. Rogers. We may have to have a hearing. We will get some \nairport people in here to talk about that. I am real concerned \nabout that.\n    But I will close with this: You know, $155 million is a lot \nof money, and I want you all to understand you are making it \nreally tough on the Congress to fund this kind of stuff when we \nfind out you keep putting it in a warehouse after you find out \nit is not working or working the way it ought to work. These \nare just large sums of money, and it is just hard.\n    I would also point out, I have been a little surprised at \nthe way you have pushed back on this thought about the \nmanipulation of the operational test. It was not us that \nsuggested that happened; it was TSA. You know, I find it \ndifficult to understand how that could happen given that you \nhave acknowledged that there were third parties doing the test. \nIt seems to me the Department, you know, is trying to find a \nscapegoat.\n    But I just hope that you take back to the Department you \nhave all got to get a handle on this kind of procurement and \nacquisition process, because it is really killing your ability \non Capitol Hill to continue to get funded for these kinds of \nprojects.\n    With that, do you have any more questions, Mr. Davis?\n    Mr. Davis. No. Mr. Walberg is here.\n    Mr. Rogers. Mr. Walberg is recognized for any questions he \nmay have. Welcome to the committee.\n    Mr. Walberg. Thank you, sir. Sorry to be late. I think I \nwill defer the questions for now, since I don't know what has \nbeen asked.\n    Mr. Rogers. Okay. All right. With that, I want to thank the \nwitnesses for their testimony, their preparation and their \ntime. I know it take a lot of time and energy to get ready for \nthese things, and I really do appreciate it.\n    I will remind the witnesses that we will leave the official \nrecord of the committee open for 10 days. There may be some \nMembers that weren't here, or, like Mr. Walberg, that just got \nhere, that may have some additional questions, or I may, that \nwe will submit to you, and we ask that you reply to those in \nwriting if you could.\n    And with that, this hearing is adjourned.\n    [Whereupon, at 10:45 a.m., the subcommittee was adjourned.]\n\n                                 <all>\n\x1a\n</pre></body></html>\n"