Privacy Pressure - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Business & Finance
07:38 PM

Privacy Pressure

Airlines and hotels face customer concerns arising from anti-terrorism efforts

The Transportation Security Administration said last week that it may force airlines to provide information on passengers to test a new counterterrorism program, raising hackles in an industry that's already facing lawsuits filed by passengers for having previously shared such data without their knowledge. The outcome of the dispute could set a precedent for how much data companies share with federal agencies in the name of national security.

The latest development involving the Computer Assisted Passenger Prescreening System II, or CAPPS II, shines a light on a growing concern among airlines and other travel-related companies that counterterrorism efforts increasingly involve requests for information about their customers.

"The airlines will not voluntarily turn over this data," says Doug Wills, VP of external affairs for the Air Transport Association, the trade organization for the major U.S. airlines. While the association supports the concept of CAPPS II, its members want more privacy guarantees before they supply data for any purpose.

David Stone, acting administrator for the TSA, told the House of Representatives' aviation subcommittee that the agency is prepared to propose a rule forcing airlines to hand over passenger data to test CAPPS II's security and privacy safeguards. A TSA spokeswoman says the administration wants to work closely with the airlines. "We really want to ensure that we have an open, transparent, acceptable process that includes interactive discussion on all the issues associated with CAPPS II," she says.

Nuala O'Connor Kelly -- Photo by David Deal

The government is as concerned about privacy as businesses are, Homeland Security's O'Connor Kelly says.

Photo of Nuala O'Connor Kelly by David Deal
Airlines and other businesses are caught between their duty and desire to help prevent terrorism and the need to maintain customer loyalty. Two airlines face pending class-action suits: JetBlue Airways, for giving a government contractor customer data to test an experimental Defense Department data-mining project; and Northwest Airlines, for giving similar data to NASA for an unspecified research test. Nuala O'Connor Kelly, chief privacy officer for the Department of Homeland Security, which oversees the TSA, last month concluded that the administration violated the spirit of federal privacy laws when it compelled JetBlue to provide its customer data to the federal contractor in 2002.

Stone testified that CAPPS II will flag fewer innocent passengers for security review. Under the current CAPPS system, airlines' reservation systems check passenger information against a government-supplied watch list. Putting the passenger-screening system and process in the federal government's hands would ensure a consistent approach, Stone said. The TSA also believes that consolidating the data would allow for more effective use of up-to-date intelligence information and make it easier to identify higher-risk flights and airports.

Passengers' identities would be authenticated by matching airlines' data against a TSA database maintained by a private-sector data aggregator such as LexisNexis or Acxiom Corp., then checked against a federal terrorism database and lists of individuals who have outstanding warrants for violent criminal acts. Precautions to protect privacy include installing private networks between the TSA and the airlines that would pass only encrypted data; requiring the data to pass through a multitier firewall before entering the TSA system; and implementing a 24-hour audit trail that documents all access to data, Stone said.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
1 of 2
Comment  | 
Print  | 
More Insights
State of the Cloud
State of the Cloud
Cloud has drastically changed how IT organizations consume and deploy services in the digital age. This research report will delve into public, private and hybrid cloud adoption trends, with a special focus on infrastructure as a service and its role in the enterprise. Find out the challenges organizations are experiencing, and the technologies and strategies they are using to manage and mitigate those challenges today.
What Becomes of CFOs During Digital Transformation?
Joao-Pierre S. Ruth, Senior Writer,  2/4/2020
Fighting the Coronavirus with Analytics and GIS
Jessica Davis, Senior Editor, Enterprise Apps,  2/3/2020
IT Careers: 10 Job Skills in High Demand This Year
Cynthia Harvey, Freelance Journalist, InformationWeek,  2/3/2020
Register for InformationWeek Newsletters
Current Issue
IT 2020: A Look Ahead
Are you ready for the critical changes that will occur in 2020? We've compiled editor insights from the best of our network (Dark Reading, Data Center Knowledge, InformationWeek, ITPro Today and Network Computing) to deliver to you a look at the trends, technologies, and threats that are emerging in the coming year. Download it today!
White Papers
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Sponsored Video
Flash Poll