On September 11, 2001, Canada followed the US in closing its airspace and grounding all aircraft, stranding tens of thousands of passengers on flights to and from the US (mostly on inbound flights from Europe and Asia) at airports like Gander and St. John’s, Newfoundland. The Canadian welcome and hospitality for these travelers became the stuff of legend. But ever since, Canada has struggled to retain sovereignty over its airspace in the face of US “security” demands.
Canadian privacy law was amended, under US pressure, to allow “sharing” with the US government of information contained in reservations for flights between Canada and the US. But most Canadians assumed that the role of the US in determining who is permitted to fly is limited to flights to and from the US.
This month a four-part series by Kevin Dougherty in the Montreal Gazette, syndicated across Canada in the Canwest newspaper chain, has broken open that Canadian complacency about the long reach of US claims to passenger information and “fly/no-fly” decision-making authority:
- U.S. will determine who can board some Canadian flights ((March 5, 2010)
- Will Secure Flight make air travel more complicated for Canadians? (March 5, 2010)
- Agencies refer questions about legality of program: from Air Canada to Transport Canada to Public Safety to transport minister… (March 5, 2010)
- Watching our flights: U.S. security system can deny boarding passes to Canadians flying, even briefly, over its airspace (March 6, 2010)
The series raises serious questions as to the legal basis for denying boarding to passengers on Canadian-flag aircraft not landing in the US on the basis of secret blacklists or decisions by the black-box Secure Flight system in the US.
Since publication of the Canwest series about “Secure Flight”, letters to the editor, op-ed colums, and editorials across Canada have denounced the application of the Secure Flight scheme to Canadian airlines and travelers. Many have pointed out the hypocrisy: As was made evident when all those flights were grounded on September 11th, almost all trans-Atlantic and many trans-Pacific flights to and from the US pass over Canada, but Canada demands no information about who is on those planes and asserts no authority to control who is allowed to be.
On top of all this, there’s another shoe still to fall: Canadians remain unaware that the vast majority of travel agencies, and tour operators in Canada subscribe to computerized reservation systems (CRSs) based in the US. That means all their passenger name records (PNRs) and customer profiles are stored in the USA, even for flight that go nowhere near the US. These travel agencies, tour operators, and other travel companies don’t tell their customers that they have outsourced their travel records to the USA, where the government could get them secretly from the CRS with a “National Security Letter”.
That’s a flagrant violation of the Canadian Personal Information Protection and Electronic Documents Act (PIPEDA). Canadians should complain to their Privacy Commissioner and demand that she take action against companies — of which travel agencies are leading examples — that outsource their customer data to the US without their customers’ knowledge or consent, and without any way to know what’s done with that data once it is in the hands of CRSs in the US.