Rejecting a wave of criticism, the government agreed to only modest changes in the computerized system that assesses whether each American who travels abroad poses a terrorist threat.
The Homeland Security Department decided to keep the risk assessments for 15 years instead of 40 years and will no longer share them with federal, state and local officials who are deciding whether a person gets a job, a security clearance, a license to do business or a government contract.
Nevertheless, travelers will still not be allowed to see their actual assessments or the reasons for them. Federal agents will look at an array of information about international travelers — Americans and foreigners; this includes meal choices, the names of traveling companions and the number of hotel beds requested.
“The revisions are useful, but they don’t go to the heart of the matter,” said James Dempsey, policy director of the Center for Democracy and Technology, a civil liberties group. “Why should the government keep massive databases about people it has decided are innocent?”
Privacy advocates and civil libertarians also condemn the remedies for people who think they were wrongly detained, delayed or even denied the right to travel.
The department’s decision to continue the Automated Targeting System with few changes took effect Thursday. It was announced in advance by an August notice in the Federal Register, a daily catalog of federal regulations mostly read by lawyers and lobbyists.
The computerized system is used by Customs and Border Protection officers to screen 400 million passengers a year who arrive from or depart for foreign locations by air, sea or rail. A separate part of the system is used for vehicles crossing the border.
Members of Congress, business travel associations, privacy and civil liberties groups and even European legislators protested after Homeland Security disclosed details of the system last fall for the first time since it began in 1999.
Some critics said the entire program was illegal; others wanted parts of it changed.
But the department said the system is crucial to preventing terrorists and other criminals from entering the United States, and helps border officers decide which travelers to pull aside for further scrutiny.
The department acknowledges the risk that “a negative Customs and Border Protection action could be taken” when relying on “computer generated information in ATS that has been skewed by inaccurate data.” But the department emphasizes that it has agents who decide whether to release or detain people after interviews.
“ATS does not replace human decision-making,” said Hugo Teufel III, the department’s chief privacy officer.
Program computers can compare travel information — known as Passenger Name Records obtained from airlines, cruise lines and Amtrak — with government watch lists of known and suspected terrorists and other wanted or barred individuals.
Beyond that, Mr. Teufel said, the system tries “to identify other high risk travelers previously unknown to law enforcement.” This is done by comparing the passenger’s data with a secret list of “rules” — theories conceived by department analysts based on intelligence reports and past terrorist attacks — describing behavior that might indicate someone is a terrorist or other type of criminal.
The government will not release these rules because that would tip off terrorists and criminals to what agents look for. The rules are thought to include scenarios such as young men without baggage on one-way tickets paid in cash and with a history of travel to Pakistan and Afghanistan, where al Qaeda trains.
Privacy advocate David Sobel, counsel at Electronic Frontier Foundation, said the rules “are nothing more than the agency’s best guess about what behavior might indicate a risk of terrorist activity.”