Legal Implications of Data Collection at Airports (2021)

Below is the uncorrected machine-read text of this chapter, intended to provide our own search engines and external engines with highly rich, chapter-representative searchable text of each book. Because it is UNCORRECTED material, please consider the following text as a useful but insufficient proxy for the authoritative book pages.

2    ACRP LRD 42 CONTENTS I. Introduction, 3 VIII. State Statutory Privacy Protections and A. Background of the Research, 3 Trends, 43 B. Objective of the Research, 5 A. Data Security Laws Regulating the Public Sector, 43 C. How to Use the Digest, 5 B. Data Security Laws Regulating the Private Sector, 43 D. Summary of Section Content, 5 C. Data Disposal/Destruction Laws, 44 II. Literature Review, 6 D. Data Breach Laws, 44 A. New Technology–New Concerns, 6 E. Consumer Protection, 45 B. Adapting to Technology Change and Developing F. State Legislative Initiatives and Trends, 47 Considerations, 6 G. Other State Legislative Bills, 48 C. Statutory and Regulatory Move Toward Prevention, 6 H. Conclusions, 49 D. International Distinctions, 8 IX. Developing State and Local Laws, and Federal E. Present Day Challenges in Defining Privacy and Agency Actions and Legislative Proposals on Enforcement Practice, 9 F. New Technology Driven Privacy Frontiers, 10 Biometrics Usage, 49 A. State Law Developments, 49 G. Growing Discussions of Airport Data Use Cases in the Literature, 10 B. Local Restrictions, 51 C. Federal Agency Actions and Legislative Proposals, 52 III. Airport Data Use Cases, 11 A. Use Case Domain #1—Technology Services–PPA, 12 X. Interplay of Privacy and Open Government B. Use Case Domain #2—Security and Terminal Records, 54 Operations–Biometrics, 14 A. Provisions for Open Government, 54 C. Use Case Domain #3—Landside Operations– B. Public Records and Retention, 55 Automated License Plate Recognition (ALPR), 16 C. Trends in State FOIA Provisions, 55 D. Use Case Domain #4—Airport Digital Landscape XI. Payment Card Industry Data Security Standard (Websites, Mobile Apps, e-Commerce, Wi-Fi and CRM), 18 (PCI DSS) and Airports, 57 A. Contractual Duties and Liabilities, 58 E. Use Case Domain #5—Health Checks–Temperature Screening, 20 B. Model Industry Standard, 58 F. Conclusion, 22 XII. International Efforts, 59 IV. Developments in Federal Constitutional A. GDPR, 59 B. Bilateral Agreements to Enforce GDPR Principles, 61 Protections, 22 C. The Cookie Law, 62 A. Carpenter and the Contours of Privacy Protections, 22 D. Other International Efforts, 62 B. Recurrent Themes in Supreme Court’s Privacy Analysis, 24 E. Conclusions, 63 V. Survey of Federal Statutory Provisions and XIII. Policy Considerations and Contractual Federal Agency Actions, 26 Provisions for Data Collection and Usage, 63 A. Early Federal Statutory Efforts to Address Privacy, 26 A. Policy Considerations, 63 B. Additional Federal Statutory Provisions, 29 B. Contractual Issues, 67 C. Federal Agency Actions, 34 XIV. Resource Guide, 69 VI. Federal Enforcement Activities and Other A. Resources Identifying State Laws on Data, 69 B. Resources Identifying State Laws on Records Retention Federal Initiatives, 35 and Freedom of Information, 69 A. FTC Enforcement Activity and the Creation of C. Resources on Federal Law for Consumer Protection, 69 “Privacy Common Law”, 35 D. Resources on International Law, 70 B. Rulemaking Authority, 40 E. Resources on Technical Issues Relative to Privacy and C. Advocacy and Education, 40 Data Protection, 70 D. Other Executive Branch and Congressional F. Sample Airport Privacy Policies, 71 Initiatives, 41 E. Future Trends, 41 XV. Conclusions, 71 VII. Overview of State Constitutional Privacy APPENDIX: Airport Technology and Privacy, 73 Protections, 41