Well at least...that's my assumption on the outcome:
Controversy Over Sloppy Data Sharing April 19, 2004
American Airlines the latest to admit improperly sharing passenger data with Feds
By Tony Kontzer
Renewed criticism is being heaped on a federal agency and the airlines for improperly sharing passenger data. And last week, after American Airlines admitted giving data in 2002 to the Transportation Security Administration, some began asking if the agency's controversial passenger prescreening program would ever be deployed. A Senate committee responded to American's admission by tartly demanding that TSA name all the airlines it has approached for data. And the Department of Homeland Security--the department that oversees the TSA--is investigating the agency's data-collection activities.
O'Connor Kelly hopes to report on TSA's data-collection activities this summer.
That investigation "will take into account all uses of passenger data that would have occurred outside of normal legal processes," says Nuala O'Connor Kelly, Homeland Security's chief privacy officer. O'Connor Kelly hopes to report on her findings this summer. TSA officials couldn't be reached for comment.
If the TSA's Computer Assisted Passenger Prescreening System II is scratched, many say its builders will have no one to blame but themselves. "Most political watchers are saying CAPPS II is dead," says Doug Wills, VP of external affairs for the Air Transport Association, the major airlines' trade group. "And it's dead precisely because of the way the development process has been managed." The agency has been criticized by privacy-advocacy groups, airline and travel trade groups, and federal legislators for not ensuring sufficient public debate of CAPPS II.
The Senate Governmental Affairs Committee recently sent a letter to Asa Hutchinson, undersecretary for border and transportation security, implying that TSA misled Congress about CAPPS II. Committee chairwoman Susan Collins, R-Maine, and ranking member Joseph Lieberman, D-Conn., said they'd been told that delays in tests of CAPPS II were because of a lack of real data, when it appears TSA had abundant data. "We are concerned by potential Privacy Act [violations] and other implications of this reported incident," the senators wrote.
TSA already has been accused of strong-arming JetBlue Airways into sharing data in 2002 with a contractor for a Defense Department data-mining experiment. (Additionally, Northwest Airlines admitted recently that it shared data with NASA for an airline-related study, unbeknownst to the airline's top execs.)
Despite the focus on TSA's actions, Larry Ponemon, chairman of privacy consulting firm the Ponemon Institute, says airlines should look hard at themselves. "The data sharing happened, yet key people, such as top executives and legal counsel, were not informed," Ponemon says of the American and Northwest cases. "The decisions were made way down in the organizational hierarchy." Airlines are far behind other industries in terms of their privacy practices, he says.
The airline's actions didn't violate the privacy policy in place at that time, an American spokeswoman says. Now the airline won't share data with agencies unless compelled to do so. Still, New York law firm Cauley Geller Bowmand & Rudman LLP filed a class-action suit against American for violating passenger privacy.
Kevin Mitchell, chairman of the Business Travel Coalition, an advocacy group for large buyers of travel services, admits airline privacy has holes but believes TSA has ultimate responsibility. Mitchell questions the need for CAPPS II, pointing out that lax physical security is a more pressing problem. "CAPPS II is on life support," he says, "and there's not a lot of time left before somebody pulls the plug."
http://www.informationweek.com/story/showArticle.jhtml?articleID=18901922
Controversy Over Sloppy Data Sharing April 19, 2004
American Airlines the latest to admit improperly sharing passenger data with Feds
By Tony Kontzer
Renewed criticism is being heaped on a federal agency and the airlines for improperly sharing passenger data. And last week, after American Airlines admitted giving data in 2002 to the Transportation Security Administration, some began asking if the agency's controversial passenger prescreening program would ever be deployed. A Senate committee responded to American's admission by tartly demanding that TSA name all the airlines it has approached for data. And the Department of Homeland Security--the department that oversees the TSA--is investigating the agency's data-collection activities.
O'Connor Kelly hopes to report on TSA's data-collection activities this summer.
That investigation "will take into account all uses of passenger data that would have occurred outside of normal legal processes," says Nuala O'Connor Kelly, Homeland Security's chief privacy officer. O'Connor Kelly hopes to report on her findings this summer. TSA officials couldn't be reached for comment.
If the TSA's Computer Assisted Passenger Prescreening System II is scratched, many say its builders will have no one to blame but themselves. "Most political watchers are saying CAPPS II is dead," says Doug Wills, VP of external affairs for the Air Transport Association, the major airlines' trade group. "And it's dead precisely because of the way the development process has been managed." The agency has been criticized by privacy-advocacy groups, airline and travel trade groups, and federal legislators for not ensuring sufficient public debate of CAPPS II.
The Senate Governmental Affairs Committee recently sent a letter to Asa Hutchinson, undersecretary for border and transportation security, implying that TSA misled Congress about CAPPS II. Committee chairwoman Susan Collins, R-Maine, and ranking member Joseph Lieberman, D-Conn., said they'd been told that delays in tests of CAPPS II were because of a lack of real data, when it appears TSA had abundant data. "We are concerned by potential Privacy Act [violations] and other implications of this reported incident," the senators wrote.
TSA already has been accused of strong-arming JetBlue Airways into sharing data in 2002 with a contractor for a Defense Department data-mining experiment. (Additionally, Northwest Airlines admitted recently that it shared data with NASA for an airline-related study, unbeknownst to the airline's top execs.)
Despite the focus on TSA's actions, Larry Ponemon, chairman of privacy consulting firm the Ponemon Institute, says airlines should look hard at themselves. "The data sharing happened, yet key people, such as top executives and legal counsel, were not informed," Ponemon says of the American and Northwest cases. "The decisions were made way down in the organizational hierarchy." Airlines are far behind other industries in terms of their privacy practices, he says.
The airline's actions didn't violate the privacy policy in place at that time, an American spokeswoman says. Now the airline won't share data with agencies unless compelled to do so. Still, New York law firm Cauley Geller Bowmand & Rudman LLP filed a class-action suit against American for violating passenger privacy.
Kevin Mitchell, chairman of the Business Travel Coalition, an advocacy group for large buyers of travel services, admits airline privacy has holes but believes TSA has ultimate responsibility. Mitchell questions the need for CAPPS II, pointing out that lax physical security is a more pressing problem. "CAPPS II is on life support," he says, "and there's not a lot of time left before somebody pulls the plug."
http://www.informationweek.com/story/showArticle.jhtml?articleID=18901922