DOT dismisses privacy complaint against Northwest

The airline did nothing wrong when it shared passenger data related to the Sept. 11 attacks, the agency rules.

Matt Hines
Matt Hines Staff Writer, CNET News.com
Matt Hines
covers business software, with a particular focus on enterprise applications.
2 min read
The U.S. Department of Transportation has dismissed a claim filed against Northwest Airlines that accused the carrier of violating its own privacy policy when it gave government officials passenger information related to the Sept. 11 attacks.

The department ruled late last week that Northwest's privacy policy, which was published on the airline's Web site, does not preclude the company from sharing data with the federal government, specifically when asked to do so. In fact, the department found that Northwest, based in Eagan, Minn., is required by law to make records, including passenger data, available to federal agencies "upon demand," according to a statement.

The complaint, filed by Washington, D.C.-based consumer privacy watchdog Electronic Privacy Information Center (EPIC) and the Minnesota Civil Liberties Union, contended that Northwest engaged in unfair and deceptive practices when it shared passenger name and record data with the National Aeronautics and Space Administration.

The Ames Research Center at NASA had sought the information in the months following the Sept. 11, 2001, attacks on the World Trade Center and the Pentagon to aid in its efforts in making air travel safer, according to the Transportation Department.

Representatives from EPIC and the Minnesota Civil Liberties Union did not immediately return phone calls seeking comment on the ruling, but EPIC said in a posting on its Web site that it plans to petition for a review of the decision.

Representatives of the Transportation Department and Northwest had no further comment on the ruling.

EPIC and the Minnesota group had alleged that Northwest had violated not only its own privacy policy but also the Electronic Communications Privacy Act, the Fair Credit Reporting Act and Minnesota's Deceptive Trade Practices Act when it gave NASA customer records. Those records included passengers' names, their flight numbers, credit card information, hotel and car rental reservations, and the names of their travel companions.

In June, in a related but separate dispute, U.S. District Court Judge Paul Magnuson threw out seven consolidated class-action lawsuits against Northwest. Magnuson ruled that the suits, which had charged that Northwest had violated passengers' privacy rights, had no merit, in part because the policy posted on the airline's site was unenforceable unless plaintiffs claimed to have read it beforehand.

Northwest is not the only airline that has admitted to sharing customer data with the federal government related to Sept. 11. America West, Continental, Delta, Frontier and JetBlue have also said they forwarded information regarding their passengers.