Thursday, 5 February 2004

"EU Commission plots global travel surveillance system"

EU Commission plots global travel surveillance system
(John Lettice, The Register , 4 February 2004)

So actually, we're not talking about a battle between US Big Brother on the one hand and freedom and privacy loving Europe on the other; we are talking about a general, and effectively global, effort to neuter, circumvent or overthrow privacy protection legislation. As the Privacy International report says, "Starting with a simple law in the US, the European Commission has negotiated a global surveillance system tracking the movement of people."...

ICAO, the International Civil Aviation Organization, is the chosen vehicle for taking the surveillance system international. The US and EU plan to take the issue to ICAO with a view to constructing an international regime... Privacy International argues that the Commission, by abandoning the protection of European privacy rights will remove Europe as an ally for other countries coming under pressure from the US to weaken their privacy regimes, and that the result will be "a race to the bottom for global privacy protection."

The Register points out that the USA Department of Homeland Security currently has unrestricted access to the airlines' host CRS's. "So for example they could access free text data in the comments field [footnote], and data on flights which neither go to nor come from the US." That's not just a possibility, but a fact, as I reported last month and as will be exposed if the EU or anyone else ever obtains an independent, technically competent audit of the logs of DHS use of their CRS access.

In the footnote, Lettice recounts an experience a few years back at LAX airport, shoulder-surfing the "content of the free text section of the database BA staff were using as part of the wait-list collation process. 'Africa correspondent of the Financial Times,' one said (right, we thought, and I'm Lech Walesa...), while another pithily noted: 'Hopelessly out of control.'

That sort of thing is still routine. The "remarks" field in each PNR (item 19 of 34 in the list of PNR data categories in the proposed USA Undertakings on PNR transfers) can be, and is, used for pretty much anything any travel agent or airline employee feels like, including unverified and/or derogatory personal opinions from "VIP" TO "TROUBLEMAKER". Watch out: give the gate agent too much grief, and they could flag your PNR for the rest of your trip, or your frequent flyer record with that airline for the rest of your travelling life. All of which, under CAPPS-II, US-VISIT, and similar systems, will be grist for the mill of the global surveillance state.

(FWIW, I've cleaned up my previously posted analysis of the categories of possible data in PNR's today to make it a more useful reference, and corrected the categorization of a couple of items. Keep in mind, though, that usage of PNR fields varies widely, and there are no formats in the AIRIMP messaging protocol for the transfer between CRS's and host systems of many fields in those individual hosts.)

Link | Posted by Edward on Thursday, 5 February 2004, 12:33 (12:33 PM) | TrackBack (0)
Comments
Post a comment









Save personal info as cookie?