|
|
ONLINE FEATURES
Book Reviews
BW Video
Columnists
Interactive Gallery
Newsletters
Past Covers
Philanthropy
Podcasts
Special Reports
BLOGS
Auto Beat
Bangalore Tigers
Blogspotting
Brand New Day
Byte of the Apple
Economics Unbound
Eye on Asia
Fine On Media
Green Biz
Hot Property
Investing Insights
Management IQ
NEXT: Innovation
NussbaumOnDesign
Tech Beat
Working Parents
TECHNOLOGY
J.D. Power Ratings
Product Reviews
Tech Stats
Wildstrom: Tech Maven
AUTOS
Home Page
Auto Reviews
Classic Cars
Car Care & Safety
Hybrids
INNOVATION
& DESIGN Home Page Architecture Brand Equity Auto Design Game Room SMALLBIZ Smart Answers Success Stories Today's Tip INVESTING Investing: Europe Annual Reports BW 50 S&P Picks & Pans Stock Screeners Free S&P Stock Report SCOREBOARDS Hot Growth 100 Mutual Funds Info Tech 100 S&P 500 B-SCHOOLS Undergrad Programs MBA Blogs MBA Profiles MBA Rankings Who's Hiring Grads | |
JANUARY 28, 2004
By Jane Black Putting a Stop to Fly and Tell [Page 2 of 2] Northwest's nonchalance about all this is sobering. Unlike JetBlue's CEO, who immediately apologized to customers, Andersen hasn't. His only attempt to smooth things over came on Jan. 22 -- five days after the news broke -- when he urged fellow airline execs to develop protocols to protect customer data. 2. Technology is no magic bullet against terrorism. In 2002, the Defense Dept.'s Terrorist Information Awareness (TIA) program aimed to aggregate every traveler's credit history, itinerary, and medical information in an effort to screen out terrorists. When Congress put the kibosh on its funding, Homeland Security's Travel Security Administration stepped up its work on a new version of Computer Assisted Passenger Pre-Screening. Known as CAPPS 2, this program assigns each passenger a label -- "no fly, warning, or safe," even though evidence shows that such unsophisticated screening keeps law-abiding people off planes while allowing suspicious travelers on board -- like the man who recently flew from Washington to London with ammunition in his pocket (see BW Online, 4/17/03, "The System That Doesn't Safeguard Travel", and BW Online, 4/17/03, "Better Safety Is in the Bag"). Avoiding some variation of such invasive-but-ineffective technology has turned into an absurd game of whack-a-mole for privacy advocates. Smash TIA, and up pops CAPPS 2. More recently, from the Northwest documents, comes word that NASA also had a project on the books. Perhaps everyone would be better off if the government stuck to old-fashioned detective work to prevent terrorism. 3. The airline-data mess should be cleared up. Since September, calls for a congressional investigation of Jet Blue's privacy practices have been persistent. Both the U.S. Army and Homeland Security's chief privacy officer have promised to report on their roles in that incident. Neither has. It's time for answers -- about Jet Blue, Northwest, and every federal program that has asked airlines to share passenger data. The European Union also will be looking for answers. Last month, after lengthy negotiations, the EU signed a tentative agreement to share passenger data with the U.S., even though such disclosures flout EU law. In the wake of the Jet Blue and Northwest incidents, more than a few U.S. government officials are worried that the EU will reconsider. On Jan. 20, EPIC filed a complaint with Transportation, alleging that Northwest's data sharing amounted to a deceptive trade practice. If the agency agrees, the case will be a first step toward establishing legal protection for traveler data. However, that's not enough. Congress should look into what happened at Jet Blue and Northwest. It should also recommend that every federal agency appoint a chief privacy officer to prevent data sharing without affording individuals privacy protections (see BW Online, 1/08/04, "Privacy Progress at Homeland Security"). 4. It's time to regulate travel data. Unlike the situation with medical and financial data, no law directs how travel records should be stored, sold, used, or who can see them. Government agencies can use this data -- where you went, with whom, whether you asked for one bed or two -- for surveillance and monitoring, even if you've never been convicted of a crime. Apparently, all they have to do is ask. Can you say Big Brother? What the Northwest privacy breach reveals is the need for new federal rules that mimic the data-protection principles in the EU and Canada: Travelers should have the right to choose whether their airline can share information, know whether and how their data is shared, and be able to correct errors that appear in corporate or government travel databases. Such a law should also cover any government agencies that want to collect and parse travelers' personal travel histories. Even Northwest seems to agree with the need for more oversight. In the final line of its statement on its 2001 data sharing, it observed that "in light of current privacy concerns, Northwest believes a data-protection protocol addressing privacy concerns should be developed before any further aviation-security research with passenger data is conducted." Amen.
 Black covers privacy issues for BusinessWeek Online in her twice-monthly Privacy Matters column
BW MALL
SPONSORED LINKS
Buy a link now!Get BusinessWeek directly on your desktop with our RSS feeds.  Add BusinessWeek news to your Web site with our headline feed. Click to buy an e-print or reprint of a BusinessWeek or BusinessWeek Online story or video. To subscribe online to BusinessWeek magazine, please click here. Learn more, go to the BusinessWeekOnline home page  | | |
 Copyright 2004, by The McGraw-Hill Companies Inc. All rights reserved.Terms of Use | Privacy Notice |
Printer-Friendly Version
