Legal Issues Concerning Transit Agency Use of Electronic Customer Data (2017)

Below is the uncorrected machine-read text of this chapter, intended to provide our own search engines and external engines with highly rich, chapter-representative searchable text of each book. Because it is UNCORRECTED material, please consider the following text as a useful but insufficient proxy for the authoritative book pages.

9patrons individually.74 Any PII collected “will be disclosed only to MBTA employees, officials or service providers on a ‘need to know’ basis” to fulfill MBTA’s responsibilities.75 MBTA may provide a patron’s information to the patron or to a govern- ment agency responsible for matters referred to in a patron’s communication. When the agency discloses a patron’s PII, however, “to related third parties who work with us to provide you with services, we will require such party to protect your information and abide by this Privacy Policy.”76 The Washington Metropolitan Area Transit Authority (WMATA) advises that [n]o SmarTrip® information, including financial transaction information, may be released by WMATA, unless the request is made (a) pursuant to a Court order; (b) pursuant to a request from a law enforcement official...; [or] (c) by the Registered User of the SmarTrip® information/data upon proof of identity...for release only to that user.77 Furthermore, except in accordance with the previously cited subsections (a) and (b), WMATA data will not be released to third parties even with a customer’s consent.78 III. PRIVACY RISKS ASSOCIATED WITH TRANSIT AGENCIES’ COLLECTION OF CUSTOMERS’ ELECTRONIC DATA Transit agencies are on the cusp of having avail- able to them the most advanced technology ever developed for contactless electronic payment systems. Transit and other agencies are able to acquire, use, and archive a transit user’s personal and travel data while monitoring an individual’s movements in real time.79 It has been argued, however, that the latest payment technologies sacri- fice privacy for convenience while increasing the risk to privacy and the security of personal data.80 The risks depend on the kind of data being collected, used, disclosed, or retained; how access to the data is controlled; and how and to whom data are 66 Id. at 1. 67 Id. at 2. 68 Id. 69 Id. 70 Id. at 3. 71 CTA Privacy Policy, supra note 52. 72 Transit Access Pass, TAP Cardholder Agreement, https://www.taptogo.net/articles/en_US/Website_content/ Cardholder-Agreement (last accessed Sept. 24, 2016). 73 See id., TAP Privacy Policy, https://www.taptogo.net/ articles/en_US/Website_content/privacy-policy (last accessed Sept. 24, 2016). 74 MBTA, Electronic Fare Media Privacy Policy § 4.5, hereinafter referred to as “MBTA Privacy Policy,” http:// www.mbta.com/customer_support/privacy_policy/#4.5 (last accessed Sept. 24, 2016). 75 Id. § 5. 76 Id. § 5. 77 WMATA Policy/Instruction § 9.3, at 16, http:// www.wmata.com/about_metro/parp_docs/pi_9_2_0.pdf (last accessed Sept. 24, 2016). 78 Id. 79 Dempsey, supra note 1, at 5. 80 Thomas S. Heydt-Benjamin, Hee-Jin Chae, Benessa Defend, & Kevin Fu, University of Massachusetts, Privacy for Public Transportation 1 (2006), http://www. academia.edu/2788098/Privacy_for_public_transportation (last accessed Sept. 24, 2016). to this Privacy Policy, and otherwise communicate with Clipper® customers, but only after satisfying any applicable requirements of law, such as requirements to seek customer consent to receive certain types of communications.66 Likewise, MTC states that it may share PII with participating transit agencies, which in turn may disclose PII to Clipper contractors or subcontractors, “but only for the purpose of operating and maintain- ing the Clipper® [FPS], such as [for] managing [patrons’] accounts and revenue collection.”67 MTC and its Clipper contractors only store PII as is necessary for accounting functions, such as billing, account settlement, or enforcement activities, and all data are “discarded no later than four years and six months after the account is closed or terminated.”68 PII provided by Clipper® customers is stored on computer servers that are located in secure, controlled facilities. Serv- ers are designed with software, hardware and physical security measures in place to prevent unauthorized access. Access to PII is controlled through…administrative, techni- cal, and physical security measures. By contract, third parties with whom MTC shares PII are also required to implement adequate security measures to maintain the confidentiality of such information.69 MTC advises its Clipper customers that the Clipper Web site places “cookies,” i.e., small data elements, on the computer systems of users of the Web site.70 Other transit agencies have privacy policies and terms of use for their electronic payment systems. In Chicago, CTA’s policy provides that “[a]ccess to PII is limited only to certain operations and technical employees for limited, approved purposes based on their specific work responsibilities necessary to the maintenance and operation of the Ventra® program.”71 The Transit Access Pass (TAP) cardholder agree- ment in use by the Los Angeles County Metropolitan Transportation Authority72 provides that “[p]ersonal information will only be used for the purpose of oper- ating and managing the TAP Program.”73 Although the Massachusetts Bay Transportation Authority (MBTA) collects locational information each time a card is used, MBTA does not identify