Statement of Barry Steinhardt Director, ACLU Technology and Liberty Project

WASHINGTON – The text of a secret agreement that the Department of Homeland Security executed with the Centers for Disease Control to share airline passenger data confirms what the American Civil Liberties Union had feared, which is that the U.S. government is distributing information that it explicitly promised it would not share.  This is very troubling for several reasons.

First, it is continuing evidence that the American government, and especially its security establishment, does not take privacy and data protection seriously. 

Second, it undermines the respect and credibility of our government when it makes promises as a result of careful negotiations among different stakeholders and then breaks those promises. 

In 2003, the United States and the European Union reached an agreement under which the EU would share Passenger Name Record (PNR) data with the U.S., despite the lack of privacy laws in the United States adequate to ensure Europeans’ privacy.  In return, DHS agreed that the passenger data would not be used for any purpose other than preventing acts of terrorism or other serious crimes.  It is now clear that DHS did not abide by that agreement.

How can the American people, much less foreign nations, trust our government on privacy (or any other matter) when it does not abide by its own agreements?  We have already been asked by at least one European official for a copy of this agreement. 

In addition, this document reaffirms our deep concern over the dangers of excessive secrecy and closed government.  A policy on the prevention of disease – with its important public safety goals but also the questions that it raises about civil liberties and effectiveness – is exactly the kind of thing that should be worked out in public.  Experts need to weigh in on just how effective it would be to task fight attendants or security screeners with detecting diseases (which are often most communicable in their earliest, least-detectable stages).  And, based on those assessments, the public needs to debate just what kinds of data sharing is justified and what kinds of privacy protections and other checks and balances are needed.

For these reasons, the ACLU has filed a Freedom of Information Act (FOIA) request to the CDC for all information pertaining to this deal with Homeland Security.

Finally, the existence of this secret agreement raises the question of what other such secret agreements also exist.

A copy of the Memorandum of Understanding between DHS and CDC, the ACLU’s FOIA request, and other materials are online at: www.aclu.org/privacy/spying/25332res20060425.html