The U.S. Government Is Tracking In-Flight Preferences

On every flight you take, during every booking you make, the U.S. government is watching you.

The fact that Big Brother collects data on the travels of millions of individuals shouldn’t come as a surprise. Still, it’s one thing to recognize that Uncle Sam gathers information, and quite another to know precisely what that information is.

Over at technology website Ars Technica, senior business editor Cyrus Farivar wrote about how he submitted a Freedom of Information Act (FOIA) request to the United States Customs and Border Protection in order to obtain his Passenger Name Record (PNR) history. A PNR is an account of your travel itinerary, and one is generated every time you reserve a flight, cruise, hotel and so forth. The government stores these details — mainly passenger name, travel provider (an agency, airline, etc.), ticketing details and schedule — in a database for up to five years.

Farivar’s request yielded a 76-page account of his trips from 2005 to 2013. To begin with, that’s more than five years. Furthermore, in addition to basic information, Farivar’s history contained several interesting tidbits, including every email address he ever used to make a reservation, the IP address he used when purchasing a ticket and even minor comments he made to airline call centers, such as requesting a seat change. Farivar described it as a “collect it all” mentality.

Some of Farivar’s PNRs even displayed his credit card digits. Fortunately, he explained, those cards had already expired. Although he contacted American Airlines to ask why a PNR created through them included a full number, not even blacked out, he never received a reply.

As for why other details, including seemingly innocuous requests made through a call center, end up in a PNR, travel writer and researcher Edward Hasbrouck explained to Farivar:

There’s no sense on the airline call center staff that they may or may not be aware that anything they put in may be in your permanent file with the Department of Homeland Security. There’s no training in data minimization. They are empowered to put things in people’s files with the government. I think that’s pretty disturbing.

In other words, when making travel arrangements, whatever you say to an agent or enter on a booking website may end up in a semi-permanent government record. But given the nagging prevalence of identity theft, are these reports a threat to your privacy?

Fred Cate, an Indiana University law professor, seems to think so. “Why isn’t the government complying with even the most basic cybersecurity standards?” Cate asked. “Storing and transmitting credit card numbers without encryption has been found by the Federal Trade Commission to be so obviously dangerous as to be ‘unfair’ to the public. Why do transportation security officials not comply with even these most basic standards?”

And why does the government need to know whether you prefer chicken or beef for your airline meal?

“No wonder the government can’t find needles in the haystack — it keeps storing irrelevant hay,” Cate continued. “Even if the data were fresh and properly secured, how is collecting all of this aiding in the fight against terrorism? This is a really important issue because it exposes a basic and common fallacy in the government’s thinking: that more data equates with better security. But that wasn’t true on 9/11, and it still isn’t true today. This suggests that U.S. transportation security officials are inefficient, incompetent, or using the data for other, undisclosed purposes. None of those are very encouraging options.”

You can submit your own FOIA request here, but what will your discovery mean in terms of how you book your next trip? Probably the same that it meant to Farivar, who said, “Frankly, not much.” You’re at the mercy of the agents and websites handling your reservation. And while you can instruct them to omit data from the PNR you believe to be irrelevant, they don’t have to. They may even add the instruction itself.

[Photo: iStock]