Fwd: NYTimes.com Article: F.B.I. Got Records on Air Travelers

[Dave Farber <dave () farber net>]

F.B.I. Got Records on Air Travelers

May 1, 2004
 By JOHN SCHWARTZ and MICHELINE MAYNARD





In the days after the Sept. 11 terrorist attacks in 2001,
the nation's largest airlines, including American, United
and Northwest, turned over millions of passenger records to
the Federal Bureau of Investigation, airline and law
enforcement officials acknowledged Friday.

A senior official with the F.B.I. said the airlines
cooperated willingly. Some, like Northwest, provided as
much as a year's worth of passenger records, which
typically include names, addresses, travel destinations and
credit card numbers.

"There was no reluctance on the part of anybody," added the
senior F.B.I. official, who said that bureau rules required
him to speak anonymously.

The official said the requests were made under the bureau's
general legal authority to investigate crimes and that the
requests were accompanied by subpoena, not because that was
required by law or because the bureau expected resistance
from the airlines, but as a "course of business" to ensure
that all proper procedures were followed.

Airline industry officials said they could not remember
another such sweeping request. In the past, airlines have
routinely provided data to the F.B.I., but typically
requests concerned the passengers on a single flight, or
the travel patterns of an individual passenger.

"It was an extraordinary event," the bureau official said.
"People wanted to cooperate with the F.B.I. because of the
events that had just occurred - and particularly the
airlines, because airplanes were the tool by which the
attacks were carried out."

The F.B.I. official said that the purpose of the data
dragnet was to detect attacks in the making through
patterns in the travel records.

"They developed a model of what these hijackers were
doing," he said, "and went back and looked, based on that
model, to see if we could find associates, conspirators or
other groups out there, particularly in the time
immediately following 9/11."

There is no indication that the passenger data produced any
significant evidence about the plot or the hijackers, the
F.B.I. official said.

The sharing of airline passenger data with the government
has sparked some of the most contentious conflicts
underlying the uneasy balance between privacy and security
in the post-Sept. 11 world. Three airlines, Northwest,
American and JetBlue, have acknowledged sharing weeks or
months' worth of data with government researchers or
contractors as part of an effort to help develop new
methods to spot terrorists.

But the disclosure that airlines had handed over such an
enormous trove of data directly to government criminal
investigators, 6,000 CD-ROM's full of digital records from
Northwest alone, raised red flags among privacy advocates,
who played a role in uncovering the information transfer.

"It certainly takes the airline privacy issue to a new
level, because it's much more material than we've ever seen
disclosed," said David Sobel, the general counsel for the
Electronic Privacy Information Center, a high-tech policy
and advocacy group in Washington.

The group discovered that airlines had handed over personal
information through the results of a Freedom of Information
Act request on a related matter.

"The F.B.I. has adopted a vacuum cleaner approach to
investigations involving information on the lawful
activities of millions of citizens," Mr. Sobel said.

But a former privacy official for the Clinton
administration, Peter Swire, said that the request and the
cooperation should be viewed in the context of the terror
attacks and might qualify as the kind of "hot pursuit" of
criminals that temporarily gives law enforcement greater
leeway.

"This is probably the tip of the iceberg of what companies
gave the government right after Sept. 11," said Mr. Swire,
who is now a law professor at Ohio State University.

Tim Wagner, a spokesman for American Airlines, said the
company "cooperated fully" with the F.B.I. in the days and
weeks after the attacks, in which it lost two planes.

Northwest, in a written response to questions, said the
release of data was justified. "Northwest Airlines
cooperated fully with the F.B.I. in its investigation,
including the provision of passenger name records
(P.N.R.'s) for a 12-month period leading up to September
2001, as requested by the F.B.I.," the statement said.
"Northwest acted appropriately and consistently with its
own privacy policy and all applicable federal laws."

United Airlines also responded to inquiries with a
statement.

"United, committed to assisting the F.B.I. with its
criminal investigation into the 9/11 terrorist attacks,
complied with the government's subpoenas for information
following the events of 9/11. United provided the F.B.I.
with information in a manner that is consistent with our
corporate policy on privacy."

Delta Air Lines, the nation's third largest, declined to
comment on whether it had given passenger records to
federal investigators.

"We continue to cooperate with the government in ongoing
security investigations," a spokeswoman said, "but we do
not comment on the subject of those investigations."

The first hint of the large-scale data hand over came in
January during hearings of the 9/11 commission. Andrew
Studdert, the former chief operating officer of United
Airlines, testified that United set up extensive facilities
for F.B.I. agents in its headquarters near Chicago and had
made available "thousands of pages of records."

But that disclosure was overlooked because of dramatic
testimony the same day from Gerard J. Arpey, American's
chief executive, who played a tape of a call from a flight
attendant, Betty Ong, to a reservations center from aboard
the hijacked Flight 11.

Some records, including financial information and health
records, have strong privacy protection under federal and
state laws, but the data in passenger records do not fall
under the protected areas, the F.B.I. said.

The F.B.I. has not destroyed or returned the records and
cannot legally do so, in case they fall under a legal
discovery order in a criminal case. "We didn't want to
retain the data ourselves," the F.B.I. official said,
adding that the data is not being used "for any other
investigative purpose."

Last September, a privacy advocate uncovered evidence that
JetBlue shared more than five million passenger records
with a Pentagon contractor one year earlier. This year,
Northwest acknowledged that it had given three months'
worth of 2001 passenger data to NASA's Ames Research Center
for a research project into passenger profiling. On April
9, American admitted that it, too, had quietly passed along
passenger data to government contractors, as well.

Stewart Baker, an expert in privacy issues who was general
counsel for the National Security Agency, said that the
incident, because of the vast scale of the information
given to the government, "is clearly something that is
going to be, at minimum, a public embarrassment."

"Probably there will be litigation" against the airlines,
he added.

But unless the companies directly violated their own
privacy policies, he said, legal action against them by
customers is unlikely to succeed. Most airline policies
include a provision explaining that they have the right to
comply with law enforcement requests without violating any
privacy restrictions.

Eric Lichtblau contributed reporting for this article.


http://www.nytimes.com/2004/05/01/politics/01AIRL.html?ex=1084417976&ei=1&en=62d0fc136dd26d47

-------------------------------------
You are subscribed as interesting-people () lists elistx com
To manage your subscription, go to
 http://v2.listbox.com/member/?listname=ip

Archives at: http://www.interesting-people.org/archives/interesting-people/