Out of business, Clear may sell customer data
Three days after ceasing operations, owners of the Clear airport security screening service acknowledged that their database of sensitive customer information may end up in someone else's hands, but only if it goes to a similar provider, authorized by the U.S. Transportation Security Administration.
Until this week, the Clear service had given customers a way to skip long security lines in certain airports. For a $199 annual fee, air travelers could be pre-screened for flight and then use Clear's security checkpoints instead of the TSA's. Clear was run by New York's Verified Identity Pass, which also shut down on Monday.
Customers had to provide personal information, including credit card numbers, fingerprints and iris scans in order to participate in the program. After Clear abruptly shut its doors -- it has not yet declared bankruptcy -- some worried that this data could fall into the wrong hands.
"They had your social security information, credit information, where you lived, employment history, fingerprint information," said Clear customer David Maynor, who is chief technical officer with Errata Security in Atlanta. "They should be the only ones who have access to that information."
Maynor wants Clear to delete his information, but that isn't happening, the company said in a note posted to its Web site Thursday.
Clear's IT partner, Lockheed Martin, is working with the company "to ensure an orderly shutdown as the program closes," Clear said. But in a section of the note entitled, "Will personally identifiable information be sold?" Clear acknowledged that it could be used by someone else, presumably if Clear's assets were sold. "If the information is not used for a Registered Traveler program, it will be deleted," Clear said.
Boasting more than 260,000 customers, Clear was the largest private company authorized to provide airport security services, under a TSA program called Registered Traveler. Other providers, who may now be interested in purchasing Clear's assets, include Flo and Preferred Traveler.
Until Clear's demise, Registered Traveler companies operated in about 20 airports nationwide. Once a traveller has registered with any one of these companies, he is given a travel card that can be used for security screening by any company in the Registered Traveler program.
Sign up for ITworld's Daily newsletter
Follow ITworld on Twitter @IT_world
On Twitter now
security
Powered by Twitter
jfruh
Apple syncing patent can't come soon enough
pasmith
New Twitter features borrow from 3rd party clients
Esther Schindler
Open Source Changes the Software Acquisition Process
mikelgan
How to set up continuous podcast play on the new iTunes
David Strom
Five important Windows 7 mobility features
sjvn
Guard your Wi-Fi for your own sake
Sandra Henry-Stocker
Grepping on Whole Words
Sidekick: The Good News & the Bad News
Either way you look at it Microsoft Data Center management did not follow standards or best practices in this failure. In which case it makes me wonder more about the outsourcing of corporate data much less personal data.
- mburton325
Join the conversation here
Quick, practical advice for IT pros. Made fresh daily.
Want to cash in on your IT savvy? Send your tip to tips@itworld.com. If we post it, we'll send you a $25 Amazon e-gift card.
