Sunday, 2 May 2004
Travel agents join opposition to CAPPS-II
The printed record of the USA House Aviation Subcommitee's 17 March 2004 hearing on the status of the CAPPS-II airline oassenger profiling and surveillance system won't be published for months, and only the testimony presented in person has been posted on the Subcommittee Web site.
But, as is usually the case with Congressional hearings, a much larger volume of written testimony was submitted for the record, inlcluding my own testimony and, more importantly, the first official statement on CAPPS-II from the American Society of Travel Agents, ASTA (MS-Word format), the dominant trade association for travel agencies in the USA.
The written testimony by Paul Ruden, ASTA's Senior Vice President -- Legal & Industry Affairs and principal lobbyist, focused on the USA Tranbsportation Security Administration's failure to consult with the travel industry with respect to the cost and implementation burden their proposals would impose:
There are ... very serious questions about adopting a rule, whether federally imposed or airline imposed, requiring travel agents to collect specific information from prospective passengers "at the time of their first contact with the customer,".... In the first instance, the collection, retention and transmittal of any additional PNR information is going to require basic changes in the displays and back-office system-interaction programming of the computer reservation systems. Absent such changes, there is no practical possibility that travel agents can comply with any mandates to collect and deliver additional PNR information.
Beyond that, there is a telling uncertainty in the testimony of Mr. Stone [Acting Administrator of the TSA], suggesting that CAPPS II may require still more information than is now popularly believed to be the destiny of the CAPPS II program. The familiar rubric "name plus three" has not been established anywhere with finality. It is, therefore, impossible for anyone in the industry to engage in meaningful analysis of what changes in business practices and computer programming are required to accommodate the CAPPS II system.
ASTA has been trying, with others in the retail industry, for a very long time to engage TSA in a meaningful dialogue about the scope and content of CAPPS II. Our efforts have resulted in a few preliminary meetings, but while substantive dialogue has been promised repeatedly, no such interaction has occurred and as of this writing none has, to our knowledge, been scheduled....
At present ... it appear that we will end up in the growing army of parties who will be objecting to the proposed CAPPS II rules, because they will not be based on a deep understanding of the way the travel business is sold at retail and the possible cost and other implications, including suppression of travel demand, that may ensue. ASTA will aggressively resist any rules that impose unnecessary costs on travel retailers or create unnecessary further obstacles to facilitation of the travel experience. Conflict of this kind could probably be avoided if TSA would engage ASTA, and others, in a meaningful pre-proposal dialogue about the content of the proposed rules. We ask this Subcommittee to use its influence with TSA to bring about meaningful pre-proposal dialogue with key industry groups, including ASTA, the GDS?s and others.
When I spoke with Ruden in November 2003, he was shocked and almost disbelieving when I told him what USA Department of Homeland Security Chief Privacy Officer Nuala O'Connor Kelly had told me would be required of travel agents under the latest conception of the CAPPS-II plan. It's apparent from his testimony to Congress, and his subsequent public comments, that the DHS and TSA still aren't even trying to understand what their plans would really mean to the travel industry, or what they would cost.
In a 28 April 2004 article in Congressional Quarterly , Ruden is quoted as saying that, "I guess I'd say that [as travel agents] we're not happy to be doing any additional work for which we're not compensated." Even after reportedly long meetings since the hearings with the TSA, both Ruden and the Air Transport Association's James May, who testified in person at the House hearing, point out continued logistical and technical problems that airlines and travel agents would face in collecting, entering, and transmitting the additional data the TSA/DHS want to require in each reservation.
Meanwhile, the National Business Travel Association (NBTA) Data Protection Committee has produced an industry-first Travel Managers? Guide to Data Privacy sub-titled, "CAPPS II & US Port of Entry: What is the overall impact?" According to the white paper's advice to travel managers:
In the event that the travel buyer's PNR information is not already formatted in this way, some re-programming must occur. It is likely that the travel management company will pass these costs along to the buyers. Further, it is possible that even if the PNR is so formatted, travelers have not yet input all of the required data. Therefore, travelers must expend time to update their information....
There are neither precedents nor specific directives on how such information should be collected and secured. Corporate travelers must be advised that the companies on whose behalf they are traveling may now be required to provide personal information about the employee traveler to the airline and/or to the travel management company for a profile database.
While many travelers may not be concerned with associated privacy issues, senior executive leadership, those in media, entertainment or public roles, and others for reasons they may not wish to disclose have traditionally guarded such information zealously. For these travelers, the lack of detail available on how such data will be secured is troubling indeed. All travelers must
be fully and precisely informed by their employers as to what information is being released, to whom it is being released, and where such data is being stored. Every traveler also should insist
on the right to review such information for accuracy before it is released to any source.
These rights are, of course, among those that are guaranteed by Canadian, European Union, and other countries' data protection laws, but that aren't yet rcognized by USA domestic law. Based on these statments, NBTA would seem to be moving toward endorsement of a Federal travel privacy law, such as I have been calling for, to give travel data in the USA the same protections it has abroad, and that financial and medical data already have in the USA.Link | Posted by Edward on Sunday, 2 May 2004, 21:32 ( 9:32 PM)