This is from a paper written in 2003 from Reason Foundation, I do not know how applicable it is today, but it gives insight into TSA workings

A RISK-BASED AIRPORT SECURITY POLICY
By Robert W. Poole, Jr. with George Passantino
Project Director: Robert W. Poole, Jr.

"For the risk-screening function, TSA’s proposed CAPPS-II would create a massive, intrusive database on the personal and financial details of air travelers. This is far more than required for the task of identifying highrisk
travelers for enhanced scrutiny at airports."