How to steal a body-scan picture

David Mcnew / AFP – Getty Images file

This photo shows a computer monitor viewed by a Transportation Security Administration officer, revealing details of the body of a fully-clothed employee of L3 Communications Security and Detection Systems as she is scanned inside a ProVision whole-body imaging machine at Los Angeles International Airport.

In an effort to reassure skittish fliers, the Transportation Security Administration says its body-scan images “cannot” be stored, transmitted, or printed — unlike the tens of thousands of images that were stored in a machine operated by the U.S. Marshals Service. But just how ironclad can that kind of denial ever be?

The TSA acknowledges that this sort of thing is possible when the machines are in test mode. What’s more, there’s no magic technology that would keep a truly dedicated (and twisted) screener from smuggling out a cell phone picture of a screen shot showing you in all your glory, passing through airport security.

Instead, the TSA relies on a policy that bans cell phones and cameras in the screening area. “Our officers adhere to the highest professional standards, so we are confident our policy is followed,” Lauren Gaches, a TSA spokeswoman, told me.

These reassurances fail to appease privacy rights advocates. Marc Rotenberg, executive director of the Electronic Privacy Information Center, told me this a “double standard.”

* * *

He noted that airplane passengers aren’t allowed to bring explosives on the plane, but they are subjected to body scans and enhanced pat-downs on the way to catch their flight — just in case they try to skirt that policy. What’s to prevent a TSA employee from skirting the cell phone policy?

Nor is it clear what keeps the machines locked out of test mode when they’re at the airport. Gaches confirmed that the machines — referred to as Advanced Imaging Technology, or AIT in TSA jargon — can store, export, and print images in test mode, but insisted that this functionality is “disabled prior to arrival at the airport.”

Rotenberg isn’t so sure this will keep the critics at bay. “This is all in software, and a TSA official with a proper account password can enable the recording and storage of images in every single airport in the United States,” he said. “There is nothing stopping the TSA from doing that.”

EPIC is also concerned that USB drives, hard disk drives or the networking capabilities of the machines could be exploited to store images on an unauthorized device, though the TSA says these channels “are for limited data transfer only — an officer’s user ID, log-in and log-out time, and statistical data.”

Rotenberg’s organization wants the scanning program suspended and further deployment of the technology delayed until privacy and security issues are identified and resolved.

“The TSA has crossed a line,” Rotenberg said.

What do you think? Are you reassured by the TSA’s statement that it “has not, will not … and cannot store images of passengers”?

More about airport security and passenger privacy:

* Leaked U.S. Marshal body-scan images revealed * TSA boss: New pat-downs are more invasive * Are airport X-ray scanners harmful? * ‘Transvestite terrorist’ refuses body scan in spoof video * More news from’s Travel team

* * *

John Roach is a contributing writer for Connect with the Cosmic Log community by hitting the “like” button on the Cosmic Log Facebook page or following’s science editor, Alan Boyle, on


Leave a Reply

Your email address will not be published. Required fields are marked *