A Pentagon contractor may have violated privacy laws by collecting personal information on more than 1 million JetBlue Airways customers to develop passenger profiles, according to key senators.
The contractor, Torch Concepts, said it used the names, addresses and phone numbers in a data-mining program to “best distinguish normal JetBlue passengers from past terrorists.”
“These actions suggest the contractor may have violated the Privacy Act of 1974, and they raise disturbing questions about the reliability of safeguards in place at the Defense Department to protect Americans’ privacy,” said a letter sent by the lawmakers to Defense Secretary Donald H. Rumsfeld.
The letter, which suggests a formal investigation is needed to determine how the information was used, was signed by Sen. Susan Collins, Maine Republican and chairman of the Governmental Affairs Committee; Governmental Affairs ranking member Sen. Joe Lieberman, Connecticut Democrat, and Sen. Carl Levin, Michigan Democrat and ranking member of the Armed Services Committee.
Army spokesman Maj. Gary Tallman declined to comment on the letter, as a matter of policy. “We don’t discuss correspondence between Congress and senior leaders.” He did say the Defense Department’s Office of Science and Technology is “looking into the matter to determine the facts and circumstances surrounding the execution of the contract.”
Officials at the Homeland Security Department also are reviewing whether its agency, the Transportation Security Administration (TSA), helped acquire the passenger data.
“There is no reason to believe any TSA employees were involved in the transfer of data, and we want to ensure that,” said Brian Roehrkasse, Homeland Security spokesman.
Ari Schwartz, associate director of the Center for Democracy and Technology, said the center believes the Privacy Act was violated by the contractor in an “egregious” manner.
Before entering Social Security numbers into a database, federal agencies must first publish their intentions in the Federal Register. The contractor also compiled personal information on one passenger as part of a presentation, and put it on the Internet.
“It’s hard to know what else they have done because we don’t have that many details, and that is why an investigation is clearly needed,” Mr. Schwartz said.
In the letter, the senators asked whether the Defense Department was conducting its own investigation and whether the inspector general would be asked to conduct an independent review.
“We support the development of effective new systems and technologies to protect homeland and national security, with appropriate safeguards regarding the privacy of personal information,” the senators said.
“At the same time, we note that many Americans have expressed concern that proposals for new data systems being considered may intrude too far on their personal privacy; on occasion, Congressional and public opposition to poorly explained programs has required agencies to curtail their programs. This apparent misuse of JetBlue passenger information only adds to these concerns,” the senators said.
Congress last month eliminated funding for and effectively shut down another Pentagon program, the Terrorism Information Awareness office that proposed to create a supercomputer to compile personal data and track terrorists.