It’s one thing to promise not to pass on data to other organisations, and it’s another thing again not to pass on data to other organisations:
JetBlue Airways passengers, more than a million of them, have been unsuspecting guinea pigs in a Defense Department contractor’s experiment in mining commercial databases to assess the risk of a person turning out to be a terrorist. The airline admits it violated its own privacy policy when it acceded to the Pentagon’s request to give passenger records to Torch Concepts, a private technology business that was ostensibly creating a program to enhance security at military bases.
That’s paragraph one of a New York Times story today. This is the final para:
This misstep only feeds legitimate consumer fears that companies and governments are too quick to use private data in unauthorized ways. It is worrisome, in this regard, that the Homeland Security Department has already backtracked from its original vow to use its passenger-profiling program only to fight terrorism. There is now talk of turning it into an all-purpose law-enforcement tool. For its part, in addition to ascertaining what actually took place, Congress may also need to consider new legal protections for consumers’ privacy.
Mission creep, in other words.