Ongoing litigation on behalf of journalist Thomas Brewster and Forbes Media has revealed a few more details about how computerized reservation systems (CRSs) collaborate with the US government to surveil travelers. It has also prompted new denials by some of those CRS companies that range from misdirection to out-and-out lies.
In 2020, Forbes published a report by Mr. Brewster based on a Federal court order (found by Mr. Brewster in the public court docket, but later “sealed” by the government) that directed Sabre, one of the three major CRS or “global distribution system” (GDS) companies, to provide ongoing real-time reports to the FBI on any reservations made for travel by a specified person of interest. The court docket for a separate case in a different Federal district showed that at least one similar order had been issued to Travelport, another of the three globally dominant CRS companies.
Petitions by Mr Brewster and Forbes to “unseal” and make public these and related court records remain pending. Oral arguments in two of these cases are scheduled to be heard by a 3-judge panel of the 9th Circuit Court of Appeals in San Francisco on August 12, 2022.
In the meantime, some of the disputed records have been unsealed, including orders issued in 2015 directing Sabre and Travelport to snitch to the FBI on any reservations for travel by one Aleksei Burkov, but not to disclose to Mr. Burkov or anyone else that the reservation companies had received or acted on this order.
All airlines, and thus all of the CRS/GDS companies to which they outsource hosting of their “passenger name records” (PNRs) or reservation databases, are already required by US laws and regulations to provide components of the Department of Homeland Security with “Secure Flight” information about all passengers booked on flights within the US, and “Advance Passenger Information” (API) and complete mirror copies of PNRs for all international flights to, from, via, or overflying the US. The DHS has a well-developed system of TECS alerts to provided automated notice to US law enforcement officers of planned international travel by persons of interest, or of reservations meeting criteria such as the inclusion in a PNR of a specified phone number, email address, IP address, etc.
So the only reason for the government to seek additional ad hoc orders to CRS/GDS companies in these or any other cases would be to get advance notice of planned travel by persons of interest between points outside the US.
After the orders to Sabre and Travelport, Mr. Burkov, a Russian citizen and resident, was arrested by Israeli authorities while on vacation in Israel. Mr. Burkov was extradited by Israel to the US, where he was tried and convicted of computer fraud. It’s not clear what role information provided by Sabre and/or Travelport may have played in Mr. Burkov’s arrest. But the Israeli government and homeland-security industrial complex are the leading allies of the US and US companies in the globalization of surveillance and control of movement, as chronicled by journalist Todd Miller in his 2019 book, Empire of Borders.
According to Mr. Brewster’s latest report in Forbes, “Neither Sabre nor Travelport would comment on whether they fought the orders or complied, though there are no filings on the court docket showing the companies pushed back.”
As we noted earlier in relation to this case, neither Sabre, Travelport, Amadeus (the third major CRS/GDS company), nor any other airline, travel agency, or provider of related travel reservation IT services has ever published a “transparency report”, such as those published by some other Internet companies, describing what information they have been compelled to provide to government agencies. Nor have we found any indication that any of these companies has ever, in any country or jurisdiction in the world, tried to contest any government demand for disclosure of information from passenger reservations.
Perhaps the most notable items in Mr. Brewster’s latest article are the false and/or misleading responses he got from spokespeople for Sabre and Travelport.
Mr. Brewster reports that a Sabre spokesperson told him, “We take seriously our obligation to protect data of Sabre users and to follow the law.”
That’s sort-of true, but irrelevant at best, and misleading at worst.
Sabre does make some efforts to protect the data of Sabre users. But Sabre’s “users” are airlines, travel agencies, and other travel companies — not travelers. Travelers’ data is routinely made available by Sabre and other CRS/GDS companies not only to US and other government agencies but publicly, without even passwords, through online check-in, PNR viewing, and remote stalking sites and apps such as Sabre’s VirtuallyThere.com.
As for “following the law”, there is no US data protection law applicable to PNR data. And the “third party doctrine” in US law allows Sabre and other CRS/GDS companies to disclose whatever data they choose, to whomever they choose (including government agencies), without the knowledge or consent of the individuals to whom that information pertains. Sabre, Travelport, and Amadeus all ignore the data protection laws in Canada, the European Union, and other countries.
Since these companies don’t keep any logs of access to PNR data, it’s impossible even for these companies themselves to tell, after the fact, with which government agencies (or other entities) around the world PNR data has been shared. Neither these companies nor any of their airline or travel agency users would be able, even if they wanted to, to comply with legal mandates to provide an accounting of data disclosures.
Travelport’s comments, as reported in Mr, Brewster’s latest story, go beyond mere misdirection to the most brazen and categorical lies imaginable:
Travelport’s records only indicate where a travel booking has been made but do not confirm whether the individual in fact traveled on that booking…. Travelport does not systematically or routinely provide personal data to government agencies, nor does it provide large scale data or back door access to United States law enforcement, intelligence services or other governmental agencies.
The only true thing in this statement is that Travelport’s provision of access to personal data by the US government is not a “back door” feature. It’s an advertised “front door” core feature of Travelport’s services to airlines — as it is for Sabre and Amadeus. Each of these CRSs provides its airline customers with a complete suite of tools for entry, storage, and transmission to government agencies, in government-specified formats, of Secure Flight, API, and/or PNR data about all passengers to, from, within, or overflying the US or any other country with a similar mandate for airlines to report on their passengers to the government.
Contrary to Travelport’s claim, PNRs generally do show whether each flight segment was flown or canceled. While it is possible for a reservation to be canceled or for a passenger to “no-show” a flight without that fact being reflected in all of the PNRs for that reservation, if there are PNRs (as there often are) in more than one CRS, the goal of all of the CRSs is to make sure that cancellations and no-shows are synchronized across all of the PNRs for the reservation. If a passenger doesn’t travel, the PNRs will typically show cancellation of the sgement (and the rest of the flight itinerary) by the airline as a no-show.
The biggest lie of all, of course, is the claim that “Travelport does not systematically or routinely provide personal data to government agencies, nor does it provide large scale data… to United States law enforcement, intelligence services or other governmental agencies.
This claim is clearly false, clearly intended to mislead and defraud travelers about Travelport’s collaboration with government travel surveillance and control — and would be actionable if there were any data protection law in the US applicable to companies like Travelport, which there isn’t.
The claim that transfers of personal data from Travelport (and its competitors, including Amadeus) is other than systematic, routine, or large scale is patent nonsense.
Apparently Travelport thinks that it can lie to the public with impunity about its role in mass surveillance of travelers by the US and other governments
While in many cases airlines use intermediaries to extract Secure Flight, API, and PNR data from CRSs and pass it on to US and other government agencies, Travelport and other CRSs willingly hand over that data, on the largest possible scale, for every passenger on every flight that touches the US or any of the other countries with similar mandates, knowing full well that this data is destined for government agencies.
And all airline reservation hosting companies have, by DHS mandate, built functionality into their software to prevent any boarding pass from being issued unless and until, after sending information from the reservation to the DHS, the DHS responds with per-passenger, per-flight permission in the form of a positive “boarding pass printing result”.
Sabre, Travelport, and Amadeus are the most important partners of the US and other governments in surveillance and control of air travel. The willingness of these CRS/GDS companies to build bidirectional, large-scale, real-time data links with the DHS and other government agencies, without legal challenges that could have delayed and publicized the implications of these government demands, has been essential to the integration of government surveillance and control into the core IT infrastructure of the airline industry.
Don’t be fooled: When you book a flight through Sabre, Travelport, or Amadeus, you also book with the DHS and other US government agencies. And as the most recently unsealed court documents confirm, that holds true even if you aren’t a US citizen, don’t live in the US, and are traveling on a non-US airline between points entirely outside the US.