Under fire for violating its own privacy policies, JetBlue says it won't participate in a computer-assisted passenger pre-screening system unless mandated by law.
The lawsuit charges JetBlue with fraudulent misrepresentation, breach of contract, and invasion of privacy and seeks unspecified compensatory damages but no punitive damages.
JetBlue admitted Monday that it provided passenger names, addresses, and phone numbers to Torch Concepts Inc., a defense contractor that develops data-mining and pattern-recognition technology to identify potential terrorists. Torch Concepts used the data as part of a risk-assessment study to improve security at military bases.
On Monday the Electronic Privacy Information Center, a privacy advocacy organization, filed a complaint with the FTC against JetBlue and Acxiom Corp., a marketing database company, charging the two with violating consumer protection laws by providing Torch Concepts with customer data. The complaint says JetBlue provided information on 1.5 million passengers.
The privacy information center says Torch Concepts combined the JetBlue information with additional personal information from Acxiom, including demographic data and Social Security numbers, to determine if passengers could be deemed a security risk, according to the privacy information center complaint.
The privacy information center's complaint charges that JetBlue's and Acxiom's actions violated privacy policies posted on their Web sites. Violating published privacy policies is fraudulent under consumer protection laws.
The privacy information center also filed Freedom of Information Act requests with the Federal Aviation Administration, the Transportation Security Administration, and the U.S. Army (which commissioned the Torch Concepts work) seeking additional information about the anti-terrorism screening program.
JetBlue provided passenger itinerary data--but not credit-card or payment information--to Torch Concepts "at the special request of the Department of Defense," according to the airline's statement. JetBlue also said it has been told by Torch Concepts that no "identifiable customer data" was shared with other parties, including the Defense Department or the transportation security administration, and that all the data has been destroyed.
JetBlue also said it has decided, unless mandated by law, that it will not participate in the CAPPS II (computer-assisted passenger prescreening system) program now being developed by the transportation security administration. JetBlue had initially agreed to participate in the development of CAPPS II.
The FTC has "been very active" in enforcing privacy regulations, "so we take allegations like this very seriously," says FTC spokeswoman Claudia Bourne Farrell. She could not say how long it will take to investigate the privacy information center complaint, although she said such complaints are often resolved by the parties through negotiation and consent decrees.
We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
2018 State of the CloudCloud adoption is growing, but how are organizations taking advantage of it? Interop ITX and InformationWeek surveyed technology decision-makers to find out, read this report to discover what they had to say!
Infographic: The State of DevOps in 2017Is DevOps helping organizations reduce costs and time-to-market for software releases? What's getting in the way of DevOps adoption? Find out in this InformationWeek and Interop ITX infographic on the state of DevOps in 2017.
Cybersecurity Strategies for the Digital EraAt its core, digital business relies on strong security practices. In addition, leveraging security intelligence and integrating security with operations and developer teams can help organizations push the boundaries of innovation.