Out-Law / Your Daily Need-To-Know

Out-Law News 1 min. read

JetBlue gets passenger privacy case thrown out

A class action lawsuit filed over the admission by JetBlue Airways that it had released customer data to a contractor for the US Department of Defence, for a security risk assessment project, has been dismissed, according to reports.

According to the Associated Press, US District Judge Carol Bagley Amon, sitting in the District Court for the Eastern District of New York, found that JetBlue had acted in breach of its privacy agreement. But because passengers were unable to show that they had been damaged by the breach the case had to be dismissed.

Speaking to the Associated Press, Jenny Derbin, spokeswoman for JetBlue, said, “Although the action was found to be lawful, it violated our privacy protection policy."

"We regret that deeply,” she continued. “We have no intention of sharing information with any third party."

The case dates back to September 2002, when, at the request of the US Transportation Security Administration (TSA), JetBlue released personal details – names, addresses and phone numbers – of over one million of its passengers to US Defence Department contractor Torch Concepts so that the contractor could study its ability to assess the terrorist risk of passengers.

The test involved checking the passenger information against other databases to which the contractor had access.

A data company called Acxiom provided the additional information – which included social security numbers and income levels – even though both Acxiom and JetBlue had visible privacy policies stating that personal information would not be given out to third parties.

In September 2003, customers of the airline filed a class action against JetBlue over the alleged breach of privacy, while civil liberties group the Electronic Privacy Information Center (EPIC) filed a complaint with the Federal Trade Commission against JetBlue and Acxiom.

The US Army ordered its own investigation into the affair, looking for violations of the US Privacy Act. This Act is designed to ensure that there are no secret government systems for gathering personal data, and that any data collected is restricted to that which is strictly necessary.

In August 2004, the Army's inspector general published a report exonerating Torch Concepts from any privacy breaches.

We are processing your request. \n Thank you for your patience. An error occurred. This could be due to inactivity on the page - please try again.