May I see your papers, please?

In September of 2002, target=_blank>JetBlue Airways secretly gave the href="http://www.tsa.gov" target=_blank>Transportation Security
Administration
the full travel records of 5 million JetBlue
customers.  This sensitive travel data was then turned-over to a private
security contractor for analysis
, the results of which were presented at a
security conference earlier this year and then posted on the
Internet.

Anyone who flew JetBlue  on or before September of 2002
should assume that all information given by them to JetBlue, including credit
card numbers, is in the possession of both the TSA and href="http://www.torchconcepts.com/" target=_blank>Torch
Concepts
.  Furthermore, Torch Concepts (now doing business as class=outbound href="http://www.torchtechnologies.com/" target=_blank>Torch
Technologies
obtained the Social Security number, date of birth, and
associated credit histories of many of the 5 million passengers in the JetBlue
database.  Some of this information, including SSNs, was posted by Torch
Concepts to the Internet.  The document was freely available for download
on the Internet for over six months and was href="http://216.239.51.104/search?q=cache:RXGiyLfIPToJ:www.ndia-tvc.org/SESEC/Presentations/SE2%2520Conference%2520PDFs/DAY_2/Session%25203S3B3_Roark.pdf+jetblue+capps+II&hl=en&ie=UTF-8"
target=_blank>taken down
on the 17th of September, 2003.  The
full document is available for href="http://www.abditum.com/~rabbi/S3B3_Roark.pdf" target=_blank>download
here
.

The 5 million JetBlue records handed over to TSA appear to
have been used to test off-the-shelf technologies to improve href="http://www.oig.dot.gov/show_txt.php?id=659" target=_blank>aviation
security
.  These tests occurred prior to the formal announcement of
CAPPS II, but it is obvious from the Torch Concepts presentation that a CAPPS
II-like system was the goal.

Comments are disabled for this post