Last month's revelations about JetBlue Airways' transmission of passenger data to a military subcontractor reignited debate in the travel management community about data privacy regulations. Under heavy fire, JetBlue apologized for breaking its own privacy policy and said it would not help the federal government test the proposed, second-generation Computer Assisted Passenger Prescreening System, which also has faced intense scrutiny.
For years, travel managers have grappled with data privacy issues stemming from requirements established by the airlines for data aggregation and decision support systems and alleged improprieties by carriers in using booking data supplied to airlines by global distribution systems. With the government now building systems to scan travelers' personal data, travel managers, and the flying public, have fresh reasons for apprehension.
"It is a major concern," said Pete Buchheit, director of travel and meetings services for Towson, Md.-based Black & Decker, referring to unauthorized use or transmission of corporate travel data. "One thing we can do is to include some verbiage in contracts, spelling out specifically what suppliers can and cannot do with our data, but I would hope that a supplier would come to us first before using our data in any way."
Many companies, including Merrill Lynch, already include such safeguards in their supplier deals. "We address it contractually and include penalties," said Kevin Brady, the firm's vice president of global travel services in New York, referring to the right to seek monetary damages from suppliers for unauthorized data transfer. Merrill Lynch does not have a contract with JetBlue.
"We approach data issues in most of our contracts, but it is hard with the airlines. Many times, the issue is between the airline and the traveler," explained Phil Dunphy, senior manager of global travel for Pfizer Inc. in New York. "The employee could do all the right things from a corporate policy perspective, but if they join a frequent flyer program, they are on their own and are exposing themselves to the opportunity for the airline to resell their data."
Because of the global nature of their business, and the obvious and unfortunate link to terrorism, airlines are squarely in the middle of the debate. They cannot completely shun the federal government—which twice in two years provided financial relief—nor can they afford to alienate passengers and the general public.
JetBlue last year violated its own privacy policy when it provided Torch Concepts, a Huntsville, Ala.-based defense contractor, with 5 million passenger records for a system designed to identify potential terrorists.
That mistake has led to class action lawsuits and scrutiny from federal regulators and civil liberties groups. The uproar also convinced JetBlue to back away from participating in the Transportation Security Administration's proposed CAPPS II. The carrier previously told TSA it would help develop the program, which would check airline passenger reservations data with TSA and other commercial databases and color code passenger name records and boarding passes based on threat level.
CAPPS II is being debated in the U.S. Congress as part of the Federal Aviation Administration Reauthorization Bill. It also was discussed during deliberations on the Department of Homeland Security Appropriations Act, which President George Bush signed last week. The program has become a focal point in a national debate on how best to ensure the security of the aviation system without jeopardizing passenger privacy. Airlines and other travel suppliers, in light of public protest and the JetBlue controversy, understandably have shown trepidation about testing the system or being identified as a voluntary collaborator.
TSA this spring fingered Delta as a test participant for the CAPPS II program, a development that angered many Delta customers and travel managers
(BTN, March 24). The carrier currently won't comment on participation in any specific security programs and deferred such inquiries to TSA.
"We are working through the Air Transport Association to get participation because the desire is for this to be as broad as possible," said a TSA spokesperson, declining to comment on any specific airlines. "Ultimately, everyone will have to participate."
"We absolutely would cooperate because if we are not on the same side of the argument, then who is?" asked ATA Airlines CEO George Mikelsons, whose company provides extensive charter services to the U.S. military. "The government needs to help the airline industry, and the airline industry needs to help the government."
Other airlines insisted their participation has been limited to discussions with government officials and that they won't transmit passenger data unless CAPPS II becomes law.
Galileo International said it is not passing data to the U.S. Department of Homeland Security or TSA as part of CAPPS II, contrary to various printed reports. In a statement last week, Galileo said it has not provided any booking information and "has no intention to do so either now or in the foreseeable future absent a substantial change in circumstances." The global distribution system company said its cooperation thus far "has been through periodic discussions and through technical and industry-related consultation." A Galileo spokesperson reaffirmed reports that the company actually is participating in the program as "totally inaccurate."
Travel managers expressed mixed views on CAPPS II, which, in its current form—slimmed down from the initial proposal—no longer includes financial information or the requirement to store data for up to 50 years. Many said security should be the top concern but only in the context of a program designed to be as unobtrusive as possible. Others disfavored any program that is not voluntary. A second public comment period that attracted more than 8,000 comments ended Sept. 30; a third will open in December, according to a TSA spokesperson.
TSA and DHS offices at press time were unable to direct BTN to the full list of public comments, saying that officials still were working to post the filings. The DHS Web site included a file of what one spokesperson termed "a representative sampling" of a dozen comments filed before Aug. 20, none of which identified commenters' affiliations. Among them was a form letter from which TSA claimed to have received 5,800 nearly identical e-mails.
"This national system would only increase the delays and blacklist even more innocent Americans—regular people traveling for work or vacations," the letter stated. "The construction of an infrastructure for conducting background checks on people who fly would depend on shadowy intelligence and law enforcement databases of questionable reliability."
TSA currently is testing the system with "dummy" data. Once airlines agree to participate—or are required by federal mandate, a possibility according to reports quoting TSA Administrator James Loy—testing then will use historical travel data. The current goal calls for tests with real-time travel data by early next summer.
The Department of Homeland Security Appropriations Act for fiscal year 2004 earmarks roughly $4 billion for TSA and $35 million specifically for CAPPS II. The bill, however, states that CAPPS II cannot be implemented—funding only can go toward testing the system—until Congressional committees are convinced it will protect personal privacy, due process and accuracy. The General Accounting Office, Congress' investigative arm, is required to address these matters in a report to be submitted no later than Feb. 15, 2004.
Meanwhile, the Electronic Privacy Information Center, a public advocacy group, late last month said TSA refused to make public a privacy impact assessment on CAPPS II. TSA, in a letter to EPIC and in response to a Freedom of Information Act lawsuit filed by EPIC, said the final versions of the requested documents will not be completed until next year.
"The public understandably wants to know if CAPPS II is going to require all airlines to disclose, on a regular basis, the kind of information that JetBlue disclosed," said EPIC general counsel David Sobel. "It is not reassuring to learn that TSA, after almost two years, has not yet assessed the privacy impact of this system."