Airline Passenger Profiling
From an anonymous reader who works for the airline industry in the United States:
There are two initiatives in the works, neither of which leaves me feeling very good about privacy rights.
The first is being put together by the TSA and is called the "Secure Flight Initiative." An initial test of this program was performed recently and involved each airline listed in the document having to send in passenger information (aka PNR data) for every passenger that "completed a successful domestic trip" during June 2004. A sample of some of the fields that were required to be sent: name, address, phone (if available), itinerary, any comments in the PNR record made by airline personnel, credit card number and expiration date, and any changes made to the booking before the actual flight.
This test data was transmitted to the TSA via physical CD. The requirement was that we "encrypt" it using pkzip (or equivalent) before putting it on the CD. We were to then e-mail the password to the Secure Flight Initiative e-mail address. Although this is far from ideal, it is in fact a big step up. The original process was going to have people simply e-mail the above data to the TSA. They claim to have a secure facility where the data is stored.
As far as the TSA's retention of the data, the only information we have been given is that as soon as the test phase is over, they will securely delete the data. We were given no choice but had to simply take their word for it.
Rollout of the Secure Flight initiative is scheduled for "next year" sometime. They're going to start with larger carriers and work their way down to the smaller carriers. It hasn't been formalized (as far as I know) yet as to what data will be required to be transmitted when. My suspicion is that upon flight takeoff, all PNR data for all passengers on board will be required to be sent. At this point, I still have not heard as to what method will be used for data transmission.
There is another initiative being implemented by the Customs and Border Protection, which is part of the Department of Homeland Security. This (unnamed) initiative is essentially the same thing as the Secure Flight program. That's right -- two government agencies are requiring us to transmit the information separately to each of them. So much for information sharing within the government.
Most larger carriers are complying with this directive by simply allowing the CBP access to their records directly within their
reservation systems (often hosted by folks like Sabre, Worldspan, Galileo, etc). Others (such as the airline I work for) are opting to
only transmit the bare requirements without giving direct access to our system. The data is transmitted over a proprietary data network that is used by the airline industry.
There are a couple of differences between the Secure Flight program and the one being instituted by the CBP. The CBP's program requires that PNR data for all booked passengers be transmitted:
- 72 hours before flight time
- 24 hours before flight time
- 8 hours before flight time
- and then again immediately after flight departure
The other major difference is that it looks as though there will be a requirement that we operate in a way that allows them to send a request for data for any flight at any time which we must send back in an automated fashion.
Oh, and just as a kick in the pants, the airlines are expected to pay the costs for all these data transmissions (to the tune of several thousand dollars a month).
Posted on December 22, 2004 at 10:06 AM • 10 Comments