The ticket agent and I have a complicated little security dance to go through. Not all of it is digital. In her eyes, the threat I pose to this planeload of people is significantly lowered by the fact that I am traveling with my flaxen-haired thirteen-year-old daughter (of the same last name) and with my wife, of a different last name but still clearly the mother of this girl. The agent doesn't know me from Adam, but a suicidal hijacker has not, yet, boarded his last flight with offspring. For what it's worth, I'm happy to have her personally profiling me and my family.

Digitally, the agent is about to push me—or, more accurately, my data—through the Computer Assisted Passenger Pre-Screening (CAPPS) data sieve. Post 9/11, TSA analysts thought that CAPPS, already in use, stood the best chance of becoming the foundation for a national system of weeding out terrorists in the flying population. Developed in the mid-nineties as a method of determining each passenger's "threat" level—specifically, to select passengers for luggage bomb screening—CAPPS formulas, or algorithms, assess something called the Passenger Name Record (PNR) in the airlines" mainframes.

My PNR was born ten days ago, when I bought this plane ticket from a travel agent. As far as I know, it's accurate and includes my date and place of birth, my passport number, address, various phone numbers, and the ticket's purchase history, such as who bought it and whether it's a one-way, as Mohammed Atta's last ticket was. The 9/11 iteration of CAPPS was rather crude, but, on the day it mattered most, it did select nine of the nineteen hijackers, who then passed their subsequent screening. The TSA has since upgraded CAPPS procedure somewhat, adding a terror watch list check, but what was in place in 2001 is substantially used now. For the last two and a half years, the TSA has been attempting to get a vastly more sophisticated snooper, called CAPPS II, off the ground (see "Identity Crisis," November 2002). But because the CAPPS II software would peer more deeply into personal data, the General Accounting Office (GAO), the Aviation Subcommittee under Congressman John L. Mica (R.-Fla.), and privacy advocates are all taking a hard look at whether it would work and at the constitutional implications. As a result, CAPPS II has yet to be tested.

As I stand at the counter, the CAPPS software searches for digital matches, or indices of presumed guilt by association. The algorithms being run on my PNR contain a mathematical reduction of the notion of "bad." They're made to identify "bad" people by finding people with personal or financial information fitting the government's definition of bad.

The ticket agent has simultaneously sent my digital self to a second data sieve run by U.S. Customs and Border Protection. Customs cross-references my data with terror watch lists from some twenty federal agencies to see if my name or some other part of my data anatomy generates a match with that of a known terrorist. This is done using the Advanced Passenger Information System (APIS) database. Every in- or outbound passenger, regardless of nationality, is subject to an APIS check. This digital scrutiny is just part of what was at work when more than a dozen New York- and Washington, D.C.-bound British Airways and Air France flights were canceled in January and February. British Airways chief executive Rod Eddington later admitted that some twenty-two government agencies had requested looks at the passenger lists of those flights prior to cancellation.