WASHINGTON – A federal agency collected extensive personal information about airline passengers although Congress told it not to and it said it wouldn't, according to documents obtained Monday by The Associated Press.
A Transportation Security Administration contractor used three data brokers to collect detailed information about U.S. citizens who flew on commercial airlines in June 2004 in order to test a terrorist screening program called Secure Flight, according to documents that will be published in the Federal Register this week.
The TSA had ordered the airlines to turn over data on those passengers, called passenger name records, in November.
The contractor, EagleForce Associates (search), then combined the passenger name records with commercial data from three contractors that included first, last and middle names, home address and phone number, birthdate, name suffix, second surname, spouse first name, gender, second address, third address, ZIP code and latitude and longitude of address.
EagleForce then produced CD-ROMS containing the information "and provided those CD-ROMS to TSA for use in watch list match testing," the documents said.
According to previous official notices, TSA had said it would not store commercial data about airline passengers.
The Privacy Act of 1974 (search) prohibits the government from keeping a secret database.
"I'm just floored," said Tim Sparapani, a privacy lawyer with the American Civil Liberties Union. "This is like creating an FBI file, not just some simple check, and then they're storing the data."
TSA spokesman Mark Hatfield said the program was being developed with a commitment to privacy, and that it was routine to change the official definition of a system of records during a test phase.