1.What is Galileo? 2.What you can do to stop CAPPSÝII 3.Galileo:Police State Collaborator 4.Why CAPPS II doesn't make us safer 5.Chart of how CAPPS II "works" http://www.dontspyon.us/chart.html 6.JetBlue class-action lawsuit 7.JetBlue: Pants On Fire! A List of Lies 8.Airline Passenger Risk Assessment (REPORT) http://www.abditum.com/~rabbi/S3B3_Roark.pdf http://www.dontspyon.us/ To the Department of Homeland Security, you are no longer an American, you are a potential terrorist.Ý Soon, anyone who books a flight through the Galileo Computerized Reservation System will have a nice fat file opened-up on them.Ý In another test of a new Orwellian airline security program by the Department of Homeland Security's Transportation Security Administration, Galileo will be facilitating background checks on anyone using their system. What will Galileo do? 4 Collect your full name, date of birth, address and home phone number; 4 Put information related to your travel plans (including your credit card number, frequent flier number and itinerary) into a file and send it to the government. The more you travel, the thicker the file.Ý The information Galileo sends to the government will link all your travel information into a easily accessible dossier. The Feds will then: 4 Have private data providers decide if you're really who you say you are; 4 Run a criminal background check on you; 4 Have you arrested at the airport if they think you're potentially linked to terrorism; 4 Assign you your very own Threat Assessment color; Ý Ý - Greens will pass through security as normal. Ý Ý - Yellows would require additional screening. Ý Ý - Reds are not allowed to fly. How will they determine what color you are? - Sorry, that's classified. Will an unpaid parking ticket flag you red? - Not yet, but there will be a system in place to do so. If I list my cell phone, will that flag me yellow? - No one knows. Can I appeal a Homeland Security decision? - Sure.Ý Write a letter to a Homeland Security P.O. Box while you're being detained at the airport and they'll get back to you real soon. How do I know the government's information is correct? - You don't.Ý The TSA does not require any of the private databases they use to be accurate information to be accurate, just as the Justice Department has exempted their warrant database from being accurate. Are private databases accurate? - No.Ý One of the largest private companies running information checks for the federal government, ChoicePoint, played a curious role in the 2000 Florida elections. Will this system make flying safer? - No, and here's why. Who the heck is Galileo?Ý I thought airlines did reservations. - Galileo is a Computerized Reservation System (CRS). Airlines, hotels, car rental agencies and others use CRSes to keep their records.Ý Galileo is one CRS.Ý The other CRSes are Sabre, WorldSpan and Amadeus.Ý Think of a CRS as the travel equivalent of a credit bureau. WHAT WE KNOW CAPPS II (Computer Assisted Passenger Profiling System) is nothing less than a Soviet-style system of internal border controls.Ý An incredible invasion of privacy, the system is un-American and un-Constitutional: not that a pesky thing like the Bill of Rights has stopped the extremists down at Homeland Security.Ý It is our duty as citizens to do the job that the Department of Homeland Security has miserably failed at doing: to protect the US Constitution and stop CAPPS II. All the information gathered will be stored on government computers for days, but your Galileo travel dossier will be kept as long as they feel like it.Ý The information in your dossier can be sold, bought, traded or given to anyone Galileo wants.Ý Why?Ý Because they can.Ý By providing Galileo mandatory-voluntary information, you'll be helping Galileo turn you into a marketing victim and strip yourself of your Constitutional rights, all in one fell swoop. What's in your travel dossier?Ý A lot.Ý This dossier is known in the travel business as a PNR, or Passenger Name Record.Ý Until now, it's been difficult to separate John Smith's information from another John Smith.Ý The addition of dates of birth, telephone numbers, and full names makes it easy to tell one Smith from another.Ý Learn more about Passenger Name Records here. To be fair, the program is one created by the Transportation Security Administration in a horribly misguided attempt to make flying safer.Ý It doesn't. Today, it's just a pilot test running on a single CRS: let's work to make sure this pilot test fails. Until Galileo publicly withdraws from testing CAPPS II and stops treating citizens like criminals, there's only one thing the American people can do: to boycott Galileo and all other Cendant subsidiaries. === What you can do right now to help stop CAPPSÝII 1. Don't book through Galileo Spend your money through airlines and travel agencies that don't violate your privacy. If you already have a booking through the Galileo CRS, contact your travel agent and see if it isn't possible to rebook. Travel agents and corporate travel execs: use a CRS that respects the constitutional rights of your clients and co-workers. 2. Boycott all Cendant subsidiaries It's a big company: see the list in all its ignominious glory at www.cendant.com. 3. Divest Cendant Stock Sell all but one share of Cendant (NYSE: CD) stock in your portfolio. Keep the last share so you can attend shareholder meetings and tell the Board what you think about their invasive, un-American practices. 4. Write Galileo You can email their CEO and management team as well as their PR and Investor Relations flacks with a single click here (Outlook users may need to replace the commas in the address box with semi-colons). mailto:Robert.Coggin@cendant.com,Ted.McNamara@cendant.com,Mickey.Lutz@cendant.com,Janie.Kaung@cendant.com,Mitch.Gross@cendant.com,Gordon.Wilson@cendant.com,Ken.Esterow@cendant.com,Marka.Jenkins@cendant.com,jill.brenner@cendant.com,Sam.Katz@cendant.com,CorpCom@cendant.com,dawn.lyon@cendant.com,investor.relations@cendant.com?subject=CAPPS%20II 5. Call Galileo Pick up the phone and give Galileo a few minutes of your undivided attention. Their PR flacks can be reached at 1-973-496-8079. 6. Write your US Congressperson If you are an American citizen, go here, type in your ZIP code and express your displeasure with the TSA, CAPPS II and Galileo/Cendant's involvement in it. http://www.aclu.org/SafeandFree/SafeandFree.cfm?ID=12108&c=yourconfereratesatdontspyonme 7. Tell the Feds what you think of CAPPS II The Department of Homeland Security has promised to post all comments received on CAPPS II to the website. Tell them what you think of their un-American, Soviet-style plan. mailto:privacy@dhs.gov?subject=Docket%20Number%20DHS/TSA-2003-1%20(CAPPS%20II%20Comments) 8. Tell us what you think So, you've done steps 1 through 7 and you still have something you want to get off your chest? Email the Don't Spy On US staff at iamstillangry@dontspyon.us. === Galileo: Police State Collaborator Just when you thought that someone in the Department of Homeland Security got 'round to reading the Bill of Rights, you're proved wrong.Ý After citizen outrage forced DHS to pull the plug on this fascist, 'zee papers, please' system earlier this year, these same people are trying to pull a fast one on the American people.Ý Convinced we're no longer paying attention, the Transportation Security Administration is preparing to deploy a slightly revised version of CAPPSÝII. If you ever visited the old Soviet Union, you'll see CAPPS II for what it really is: internal border controls. Galileo International, a subsidiary of the Cendant Corporation, has signed-up to assemble dossiers on anyone flying in these United States of America and share the information with the Feds. After the punishment meted out by Americans to Delta Air Lines for their collaboration, why would Galileo (or anyone else) be so stupid as to collaborate in testing CAPPS II?Ý Wouldn't they have learned a lesson? The answer is yes, they have learned, which is why Homeland Security gave Galileo a huge financial incentive to collaborate.Ý By creating dossiers on every member of the flying public, Galileo can sell, trade or use the information contained within for marketing purposes.Ý Galileo's parent is Cendant, a company that sells everything from travel to insurance.Ý The information in your travel dossier would help them turn you into a first-rate marketing victim. Flying frequently to Cleveland? A Century 21 agent can stop by your hotel and see if you'd be interested in a home. And if not, perhaps you'd consider timeshare? Galileo's new profit center wouldn't be possible without CAPPS II demanding your full name, date of birth, home address, telephone number, and government-issued ID be entered into a privately-owned database.Ý The Feds think this information will help them figure out who's a terrorist: it won't.Ý It will, however make Galileo a lot of money and you a lot less free.Ý Zee papers, please. === Researchers at MIT recently published a highly technical research paper that demonstrates why CAPPS II actually makes flying more dangerous, not less.Ý As Old Ben Franklin does not have a Ph.D. in quantum mathematics, he turned to Russell L. Brand, a fine American and Computer Security Theorist, to explain what this research paper means in Plain English. A Lay Explanation of the MIT Research Paper "Carnival Booth: An Algorithm for Defeating the Computer-Assisted Passenger Screening System" By Russell L. Brand. Imagine a world where you knew who all the terrorists were in advance.Ý It is a much simpler world than the one we have.Ý There would be no waiting in airport security lines. While we don't have that, some people think we are in a world where we know who the terrorists ARE NOT.Ý And in that world, we can avoid searching the people we know are safe and devote all (or most of) our effort just to the people were aren't sure of.Ý It sounds good.Ý Some of us avoid being hassled and the system moves faster for everyone. BUT... What if we are occasionally wrong?Ý Just a few of these SEEMINGLY SAFE people are really terrorists.Ý They'd slip by with us good upstanding citizens. And what if the terrorist organizations sent all their folks on a few test trips?Ý After a few trips, they would know which ones got searched each time and which ones never got searched.Ý Then they would use the ones that had never gotten searched on their mission, knowing that these SEEMINGLY SAFE people (who were really terrorists) could more easily get onto the planes. Unfortunately, the efforts to target our searching attention, rather than better protecting us and more efficiently using our resources, instead telegraphs what we know and allows the bad guys to have a better chance of out maneuvering us. While the intuition of this is easy to understand, it took a team of leading mathematicians at MIT to prove that it is true and to show that their are no simple fixes to the targeted approach.Ý And the implications of their findings cannot be ignored. It is critically important to not let a terrorist know whether or not he is a suspect until the moment we capture him.Ý And unfortunately, that means long lines for us all. === A Chart of how it works http://www.dontspyon.us/chart.html === Call To Action Did You Fly JetBlue Airways Between February of 2000 and September of 2002? If you did, all of the information you gave JetBlue was probably included in the names, addresses, and other customer information given to a company called Torch Concepts. Torch Concepts then linked the information you gave JetBlue with your Social Security number, date of birth, DMV records, and credit history obtained from a data-aggregation company called Acxiom. Five million travel records were turned-over by JetBlue: some of them were probably mine, were any of them yours? That JetBlue has put me and millions of others in the position of having to worry about identity theft is just plain wrong. If you are as angry as I am about having your private information given away by JetBlue, then write me (jgruber@iocaine.com). It's important that JetBlue, all airlines, in fact all businesses that collect our private information need to know that they must follow the law. Together, we can look at all the options open to us, including filing a class-action lawsuit against JetBlue for violating the terms of their own privacy policy. Sincerely, Joshua P. Gruber New York, NY jgruber@iocaine.com === JetBlue: Pants On Fire! Which of the many lies told by JetBlue this week do they no longer wish us to believe? Asked on 15 September if they were participating in testing the CAPPS II internal border control system, JetBlue's response was, "That's not public information".Ý Err... yes, it was.Ý TSA chief Admiral Loy told a group of conservatives that very day that JetBlue would test CAPPS II. On 16 September, JetBlue president David Neeleman came out with the following weasel words: "no JetBlue customer information has been shared with the US Government with respect to testing the CAPPS II program currently under design." Confronted later in the day with incontrovertible evidence that JetBlue violated the privacy of 5 million passengers, JetBlue issued fervent denials for over 24 hours before they half-heartedly 'fessed-up on September 17th.Ý Neeleman's story was at least original.Ý He claimed that JetBlue flushed the privacy rights of its customers down the toilet only once; and all as part of a secret project to help out the US Army protect their bases.Ý This story might have flown had every former JetBlue passenger been subject to sleep deprivation before being told this particular tale.Ý JetBlue's problem was that Americans were wide-awake and not buying the airline's "Area 51 Defense".Ý The evidence made no mention of either the Army or base protection. Today, September 18th, JetBlue decided to try something different.Ý Everyone who writes a nastygram to the airline now receives his or her very own personal apology letter.Ý Is JetBlue CEO Neeleman's letter suitable for framing, or better used for some other function? The letter begins: Thank you for writing to JetBlue so that I have an opportunity to apologize to you personally and set the record straight. He's sorry.Ý That's nice, but as you've been having trouble telling the truth all week I'm already having trouble believing you. Most importantly, JetBlue has never supplied, nor will supply, customer information to the Transportation Security Administration, or any government agency, unless we are required to do so by law -- not for CAPPS II or for any other purposes, whatsoever. Yes, you did.Ý You even admit it in the next sentence: However, I regret that, more than a year ago, we responded to an exceptional request from the Department of Defense to assist their contractor, Torch Concepts, with a project regarding military base security. Here it is:Ý the 'Area 51 Defense'.Ý Much more original than the Nuremberg one. This project had no connection with aviation security or the CAPPS II program and no data files were ever shared with the Department of Defense or any other government agency or contractor. This is a real whopper.Ý The project had EVERYTHING to do with aviation security.Ý 5 million of JetBlue's passengers were profiled, their privacy invaded and the linked data stored, transferred or sold to Lord-knows-where. We provided limited historical customer data including names, addresses and phone numbers.Ý It DID NOT include personal financial information, credit card information, or social security numbers. Your airline most likely provided the entire passenger record (PNR), which contains credit card numbers.Ý The information you provided made it easy for Torch Concepts to go out and obtain SSNs, etc. through Acxiom's data mining. Torch further developed this information into a presentation, without JetBlue's knowledge, for a Department of Homeland Security symposium.Ý We regret that this presentation included the personal information of one customer -- although the customer's name was not used.Ý Again, we had no knowledge of this presentation until two days ago and we were deeply dismayed to learn of it. Until JetBlue produces documents proving they truly believed this was not a CAPPS II project, Americans have no reason to believe a word they're saying. The sole set of data in Torch's possession has been destroyed; no government agency ever had access to it. Pull the other one.Ý Does JetBlue honestly expect us to believe that after Torch spent millions of taxpayer dollars on Acxiom's database and created extensive profiles on millions of JetBlue customers, that that information would be deleted?Ý No way. With Torch's help, we are continuing to make every effort to have the Torch presentation with the one customer's information removed from the internet. Ha.Ý This document is now mirrored in dozens of places around the world.Ý It is a permanent monument to JetBlue's hubris and Torch Concepts's stupidity:Ý may Torch never again sup at the DOD trough. This was a mistake on our part and I know you and many of our customers feel betrayed by it.Ý We deeply regret that this happened and have taken steps to fix the situation and make sure that it never happens again. Saying 'sorry' just isn't enough.Ý Sorry. I am saddened that we have shaken your faith in JetBlue but I assure you personally that we are committed to making this right. And the Don't Spy On US team is committed to making sure you do so. === Airline Passenger Risk Assessment (REPORT) http://www.abditum.com/~rabbi/S3B3_Roark.pdf JetBlue's new-found concern for the privacy of their passengers comes on the heels of last week's JetBlue 'Data Rape' scandal.Ý In violation of their own privacy policy, JetBlue gave the travel records of everyone who had flown their airline between 2000 and September of 2002 to defense subcontractor Torch Concepts.Ý Torch then matched the JetBlue records against other databases Social Security numbers, DMV records, property records and other sensitive information in an un-American, CAPPS II-like attempt to predict who was potentially a terrorist. The results were then presented by Torch at a Homeland Security conference and then posted to the Internet. (see above) ========== HURIDOCS-Tech listserv ========== Send mail intended for the list to <huridocs-tech@hrea.org>. Archives of the list can be found at: http://www.hrea.org/lists/huridocs-tech/markup/maillist.php To subscribe to the list, send a message to <majordomo@hrea.org>, with the following text in the message: subscribe huridocs-tech To unsubscribe from the list, send a message to <majordomo@hrea.org>, with the following text in the message: unsubscribe huridocs-tech If you have problems (un)subscribing, contact <owner-huridocs-tech@hrea.org>.
[Reply to this message] [Start a new topic] [Date Index] [Thread Index] [Author Index] [Subject Index] [List Home Page] [HREA Home Page]