Thank you.
When you're designing programs that collect personal information for use and retention or disclosure, what steps are taken to identify any possible risks posed to an individual's privacy rights? I think you mentioned a few, but could you go through the steps? In other words, the information goes in, people are identified—something is “flagged”, I guess is the common usage.
How do we make sure that any possible risks that are posed don't interfere with a person's privacy rights, yet you get to protect the people on the plane?