The United States next year will begin handing personal data about U.S. air travelers to the security services of foreign countries, including Russia, under a global aviation security plan crafted yesterday at the Group of Eight summit.
Among the initiatives in the plan is “data exchange on visa watch lists and advanced passenger information,” a senior administration official told reporters on the condition of anonymity.
“Advanced passenger information” is data available before check-in, through the computerized records of airline booking systems.
The official did not say exactly what data about U.S. citizens might be made available to G-8 partner states, but that it would be more extensive than what the United States now exchanges with Europe.
“The information exchange that we are talking about developing here will go beyond the arrangements that we’ve made bilaterally with the European Union,” the official said.
The data-exchange deal with the European Union — which has been in practice for more than a year but was not formalized until June 1 — covers 34 data fields on the so-called PNR, or passenger name record, including name, address, phone details and credit card numbers.
But data covered by the new plan likely will include some kind of unique identifier, such as a passport number, date of birth or Social Security number.
A second official said the aviation security alert at Christmastime last year — which caused the cancellation or delay of several international flights to the United States — highlighted the weaknesses of the existing data exchange.
“What you find is you have multiple hits against very common names because there’s insufficient identifiers,” said the official, apparently referring to the embarrassing case in which an Air France flight was delayed for several hours because of concerns about a passenger thought to be on a terrorist watch list, who turned out to be a small child.
The failures over the holidays demonstrated “the need for very specific points of data on individual passengers,” the official said without elaborating on what those data points might be.
Privacy advocates said the deal was tantamount to imposing unpalatable and unconstitutional security measures through the back door of international agreements.
“We have said for some time now that the administration is engaged in policy laundering, bludgeoning our allies into accepting proposals that it would be politically difficult to implement in the United States,” said Barry Steinhardt of the American Civil Liberties Union’s Program on Technology and Liberty. “Once they’re adopted, the administration can turn around and say, ‘This is the international standard.’”
The first official said the data exchange would not violate privacy rights of U.S. citizens. “One of the things that we are committed to is moving forward with this air security agenda in a way that respects privacy,” the official said.
But Mr. Steinhardt was dismissive. “They’ve already violated those principles of [privacy and personal data] protection. The deal with the EU was in bald violation of European privacy laws.”