I don't get it. Why would CBP and ICE need to buy this from a data broker? The TSA is right there scanning everyone's boarding pass as part of going through security.

Because there is probably a well-defined regulatory framework for accessing data collected by the TSA, whereas there are few or no requirements when the same data is purchased from a broker.

It is not even certain that the data actually comes from the TSA. It could come from airlines, payment companies, etc.

There is no guarantee of quality when purchasing data from a broker.

The regulatory angle at least explains part of my wondering. I'm not really surprised that they have access to this information, I'm just surprised that they buy it, rather than just demanding it be handed over.

Buying has no accountability, no judges. Probably not even a proper paper trail.

They're spending public money, so the cost doesn't matter to them either. With this administration they can get unlimited funding.

When I worked for the federal government I wanted to collect some publicly visible tweets (this was before the Library of Congress started to harvest them, and back when the API was better). As a government employee I had to write a detailed document of: why I needed this data, what PII would be stored, how long it would be stored and how I would ensure it had been deleted. Then that document had to be approved. Even though this is a project that any person could have done on the weekend, I still had to go through all this work for approval, then collect the data.

But you're proposing something even more outlandish, asking another agency for data. The politics of this are mind-bending. If one agency gives their data to another and that agency is successful using it, it will make the giving agency look bad, which is unacceptable. It was wild how many times another, supposedly friendly agency, would not share data. In fact, I was cautioned not to even bring up the idea in shared meetings because it would create unnecessary friction.

If you buy it from a 3rd party government contractor, none of this has to happen.

Probably because the TSA isn't able/allowed to hand out access willy-nilly.

It's kinda like how the police need warrants to request cellphone data, but cellphone companies could sell realtime data to third parties who in turn sold it to the police.

https://news.ycombinator.com/item?id=17081684

It's fine to speculate, but I really wish the article had made it explicit given that the EFF has actual lawyers on staff.

Government uses corporations to get around laws and the constitution. Corporations in turn get to use government to get around regulation. Same as it ever was.

Beyond the other reasons stated re: regulations and law, which this government seems to be more than willing to ignore, the process of setting up reliable feeds of usable data between organizational functions can be more difficult than buying the data from an entity whose profit derives from curation and distribution of the same data. It might seem absurd on the surface but paying a premium for a repackaging of the data is often meaningfully easier and more reliable and you probably save money in the end. The TSA tech team’s role isn’t to package and enrich data with useful metadata, with documentation and SLAs, and their incentives don’t naturally align no matter how hard a political appointee bangs a table. The data broker has every incentive however, and will continue to in perpetuity.

Suspects purchase a flight weeks + months before the flight. The TSA screens them just minutes before getting on.

Flight purchases would be critical and distinct information for law enforcement.

This is wrong. You need to provide your travel documentation ID and they share your personal info well before you get on the plane.

Sure but when is that purchase transferred to TSA? It’s not disclosed. I agree it’s a possibility, but having the flight purchase info is higher value and more complete.

At least 24 hours before your flight when they assign pre or the dreaded SSSS status.

That's helpful, I've been curious about that.

Leave it to Hacker News to downvote the right answer. People were asking why, not "should they".

At a company I once worked at, the data division of a company bought a list of their stores from us. Full polygons, visit durations, etc.