http://www.btnmag.com/businesstravelnews/headlines/article_display.jsp?vnu_content_id=1000485328 AA Faces Angry Clients, Public Scrutiny Over Data Transfer APRIL 12, 2004 -- American Airlines last week became the third carrier to admit to transferring passenger data to the federal government following the terrorist attacks of September 11, 2001. American said it "recently learned" that one of its vendors, Airline Automation Inc., in June 2002 provided 1.2 million passenger name records to four other companies developing aviation security systems for the Transportation Security Administration. American said it had authorized AAI to turn over the PNR information directly to TSA in light of "the heightened interest in aviation security" and that "no passengers were harmed by the transfer of the data." The airline said it discovered the data transfer--from AAI to HNC Software Inc., Infoglide Software Corp., Ascent Technology Inc. and Lockheed Martin Corp.--during an internal review triggered by similar data transfer disclosures by other carriers. AAI countered American's statement, saying it transmitted data to the four other third parties "only after receiving the express authorization of American Airlines in May 2002 to release PNR data for such security testing purposes." AAI added that it obtained assurances from the other four companies that no data would be shared, that all data would be returned and that all copies of the data would be destroyed. JetBlue Airways in September (BTN, Oct. 6, 2003) and Northwest Airlines in January (BTN, Feb 9) acknowledged data transmissions to the federal government or government contractors. Both incidents sparked controversy in corporate travel management circles regarding data privacy, data ownership and what are perceived as gaping holes in TSA's plan for a second-generation computer assisted passenger screening program, CAPPS II. Similar to the outcry faced by JetBlue and Northwest, American now is faced with angry clients wondering why American agreed to allow its vendor to transmit data to TSA in the first place. "Who owns the data? If you ask the Europeans, it's the passenger. If you ask us, it's the passenger or the corporation, but it sure isn't the airline," said Kevin Maguire, travel manager of Tokyo Electron America. "I repeatedly asked and American swore they would not do what those other airlines had done. It shows there are no safeguards in place." American now also faces a chorus of disapproval from public advocacy groups, investigations by federal agencies and a class action lawsuit filed "on behalf of all persons who have had personal and private information about them unlawfully gathered and transmitted to third parties by American Airlines and Airline Automation Inc.," according to the lawfirm Cauley Geller Bowman & Rudman LLP. --------------------------------- Do you Yahoo!? Yahoo! Tax Center - File online by April 15th