National Academies Press: OpenBook

Legal Implications of Data Collection at Airports (2021)

Chapter: XV. CONCLUSIONS

« Previous: XIV. RESOURCE GUIDE
Page 71
Suggested Citation:"XV. CONCLUSIONS." National Academies of Sciences, Engineering, and Medicine. 2021. Legal Implications of Data Collection at Airports. Washington, DC: The National Academies Press. doi: 10.17226/26207.
×
Page 71
Page 72
Suggested Citation:"XV. CONCLUSIONS." National Academies of Sciences, Engineering, and Medicine. 2021. Legal Implications of Data Collection at Airports. Washington, DC: The National Academies Press. doi: 10.17226/26207.
×
Page 72

Below is the uncorrected machine-read text of this chapter, intended to provide our own search engines and external engines with highly rich, chapter-representative searchable text of each book. Because it is UNCORRECTED material, please consider the following text as a useful but insufficient proxy for the authoritative book pages.

ACRP LRD 42 71 o Brussels Airport, Brussels Airport-Privacy Policy, avail- able at https://www.brusselsairport.be/en/ privacy- policy; and o Toronto Pearson International Airport, Complete Pri- vacy Policy, available at https://www.torontopearson. com/en/privacy-policy/complete-privacy-policy. XV. CONCLUSIONS As the use case studies referenced earlier in this work dem- onstrate, airports can and do use data from an ever-expanding range of sources. Some of those data sources are commercial ac- tivities, and some include airport operating systems like cameras and sensor networks developed for other purposes. These uses of data raise a host of opportunities and challenges for airports. As the uses of data grow and develop, so also does the legal envi ronment governing data collection and use. These legal devel- opments are occurring at the federal, state, and local levels. And as explained, even international efforts to address data protection require consideration. Those developments may directly affect collection or use of data in some circumstances or they influence both U.S. legal developments and the actions of large corporate entities that look to operate in the global economy. The trend of all these developments is to move toward greater respect for data subjects and the protection of their data. Given the fact that most airports are governmental entities, collection of this data and its use is subject to additional and unique regulatory regimes. Constitutional provisions at state and federal levels often constrain government collection and use of data. State laws on data privacy may also affect the ability of airports in the collection and use of data. Further complicat- ing airport efforts in data collection and usage are a web of state and local record retention requirements and open records laws designed to ensure transparency in government. These laws can sometimes cause tension with efforts to protect private data of individuals and/or proprietary information that an airport may seek to monetize. As a further complication, the control over public access and records retention may well be outside the con- trol or even influence of airports. The body of federal and state case law governing data pro- tection is growing particularly with respect to commercial use. Commercial enforcement activities are being led at the federal level by agencies like the FTC and in the states by state attorneys general. Increasing requirements to safeguard data and focus on enforcing the rights of data subjects are the hallmarks of these efforts as state governments like California continue to provide enhanced protections. In addition to a growing focus on collection of data and its use, there is a growing focus on tools used to analyze that data. As data sources grow, so too grows the need for a corresponding increase in the power of the tools needed for analysis. The rise of facial recognition as a tool to organize and make sense of an ex- ponentially increasing pool of video data is one example. Other applications of AI and ML are being constructed to analyze data. The scope, power, and limitations of these tools are matters of growing public concern. Calls for constraints by privacy advo- • National Institute of Science and Technology, Risk Man- agement Framework for Information Systems and Orga- nizations, (December 2018), available at https://nvlpubs. nist.gov/nistpubs/SpecialPublications/NIST.SP.800-37r2. pdf. This report offers guidance on a comprehensive program for the preparation of appropriate data security measures. • National Institute of Science and Technology, Guide for Developing Security Plans for Federal Information Systems, Rev. 1, (February 2006), available at https://nvlpubs.nist. gov/nistpubs/Legacy/SP/nistspecialpublication800-18r1. pdf. While this report is somewhat dated, the template at appendix A is useful in outlining requirements for system security. F. Sample Airport Privacy Policies • Sample U.S. airport privacy policies (principally focused on website use): o San Francisco International Airport, available at https://www.flysfo.com/privacy-cookie-policy; o Charlotte Mecklenburg International Airport, Pri- vacy Notice, available at https://www.cltairport.com/ privacy-notice/; o Dallas Fort Worth International Airport, Legal, Pri- vacy Policy, available at https://dfwairport.com/legal/ index.php; o Cincinnati/Northern Kentucky International Airport, Privacy Policy, available at https://www.cvgairport. com/privacy; o Tampa International Airport, Privacy Policy, available at https://www.tampaairport.com/privacy-policy; o Des Moines International Airport, Privacy Policy Use Terms and Disclaimer, available at https://www. dsmairport.com/about-the-airport/privacy.aspx; o Rapid City Regional Airport, Privacy Policy, available at https://www.rapairport.com/privacy-policy; o Palm Beach International Airport, Privacy Policy, available at http://www.pbia.org/privacy-policy/; and o Los Angeles World Airports, LAWA Privacy, available at https://www.lawa.org/privacy. • Sample U.S, Airport privacy policy for applications: LAX, Application Privacy Statement, available at https://www. flylax.com/en/Application-Privacy-Statement. • Sample International Privacy Polices (broader more comprehensive privacy coverages): o Gatwick Airport, Privacy Policy, Official Website, available at https://www.gatwickairport.com/privacy- policy/; o Munich Airport, Privacy Policy, available at https://www.munich-airport.com/privacy-policy- 376755#26255d8dSingapore; o Changi International Airport, Privacy Policy, available at https://www.changiairport.com/en/privacy-policy. html; and

72 ACRP LRD 42 cates seem to be gaining public approval, and some legislative initiatives limiting the use of these measures are beginning to take hold. Arrayed against this rapidly developing legal environment is the quickly developing technical environment that airports need to master to avail themselves of the benefits of exponen- tially increasing stores of available data. Two key themes are emerging: governance and substantive protections. Airports and airport stakeholders may find that an under- standing of both the “California Effect” of the CCPA and the “Brussels Effect” of the GDPR are useful in assessing practices that they might wish to consider in the development and execu- tion of policy. While these measures may not have de jure con- trol over actions of airports and stakeholders, they do represent approaches that are viewed as at the forefront of privacy pro- tection. They are also seen as influencing the development of privacy law that may someday be a de facto requirement within regions, countries, or even internationally. Examining the concepts of governance and substantive pro- tections, particularly though the lenses of GDPR and CCPA devel opments, offers airports a menu of choices and approaches to addressing privacy. These concepts can take many shapes or forms. They are not offered as mandates or even as “best prac- tices.” Rather, they are concepts accepted regionally, nationally, and internationally as effective measures to address data protec- tion issues.

Next: APPENDIX: AIRPORT TECHNOLOGY AND PRIVACY »
Legal Implications of Data Collection at Airports Get This Book
×
MyNAP members save 10% online.
Login or Register to save!
Download Free PDF

As technology evolves, airports and their partners collect more data from passengers, employees, tenants, concessionaires, airlines, and others. This data is used in many ways, including for facility management, security, ground transportation, marketing, understanding passenger preferences, and enhancing the travel experience.

The TRB Airport Cooperative Research Program's ACRP Legal Research Digest 42: Legal Implications of Data Collection at Airports provides a survey of applicable law; considerations for the collection and safekeeping of data; and a review of the issues that arise related to data collection among airports, their tenants, and other users. It also offers an understanding of the expansion in law around data collection and use.

  1. ×

    Welcome to OpenBook!

    You're looking at OpenBook, NAP.edu's online reading room since 1999. Based on feedback from you, our users, we've made some improvements that make it easier than ever to read thousands of publications on our website.

    Do you want to take a quick tour of the OpenBook's features?

    No Thanks Take a Tour »
  2. ×

    Show this book's table of contents, where you can jump to any chapter by name.

    « Back Next »
  3. ×

    ...or use these buttons to go back to the previous chapter or skip to the next one.

    « Back Next »
  4. ×

    Jump up to the previous page or down to the next one. Also, you can type in a page number and press Enter to go directly to that page in the book.

    « Back Next »
  5. ×

    To search the entire text of this book, type in your search term here and press Enter.

    « Back Next »
  6. ×

    Share a link to this book page on your preferred social network or via email.

    « Back Next »
  7. ×

    View our suggested citation for this chapter.

    « Back Next »
  8. ×

    Ready to take your reading offline? Click here to buy this book in print or download it as a free PDF, if available.

    « Back Next »
Stay Connected!