Aer Lingus Email:Gathering data for US Department of Homeland Security

Reply from Datacommissioner Office re the above

"I refer to your earlier enquiry in relation to passenger data being submitted to Aer Lingus for transfer to the U.S. Department of Homeland Security.

Section 2D of the Data Protection Acts 1988 & 2003 covers the fair processing of personal data. Section 2D (2) states that you should be aware of the following:

(a)the identity of the data controller,
(b) if he or she has nominated a representative for the purposes of this Act, the identity of the representative,
(c) the purpose or purposes for which the data are intended to be processed, and
(d) any other information which is necessary, having regard to the specific circumstances in which the data are or are to be processed, to enable processing in respect of the data to be fair to the data subject such as information as to the recipients or categories of recipients of the data, as to whether replies to questions asked for the purpose of the collection of the data are obligatory, as to the possible consequences of failure to give such replies and as to the existence of the right of access to and the right to rectify the data concerning him or her.

From the information given Aer Lingus have met all obligations under our Acts. If one of the requests was for bank details then the information would have to be encrypted or inputted to a secure site.

Hope I've clarified the query for you."

C
 
Is the same additional information required when flying to the US with any of the American based carriers? My sister booked a flight to New York recently with Continental travelling in November. That information wasn't requested at the time of booking and as far as I know, haven't been asked for since.
Anyway, apart from the US address, aren't all the details listed as required available on machine readable passports which we all have to have going to the States?
 
Capaill said:
If one of the requests was for bank details then the information would have to be encrypted or inputted to a secure site.
Click to expand...
It's not clear if this rule for bank information is from the legislation, or simply a matter of best practice. If the latter, it may well be that the practice should really be extended to cover all confidential information (including passport details), but the issue simply hasn't come up before.
 
Ash - the main point is not that they are gathering the information. Most people accept that if you want to enter a country you follow their rules or you don't go - so if the US authorities want this information before letting you in then so be it.

The main point is that Aer Lingus are asking people to send the information by email. Email, while not entirely easy to intercept is totally insecure - if someone did intercept it they could read off all the details no problem. Like I said above - the banks and credit card companies are pretty unanimous that you shouldn't send your credit card details to anyone by email precisely because it is insecure. Why should passport details be any different. It doesn't affect me because I'm not flying there, but if I do need to fly there I will fax them my details.

z
 
I can't see any problem in giving them the info on the morning of the flight. There is no specific requirement that they need the information weeks before hand.
 
I will be travelling to the US later this year with AA and I definitely wasn't asked to provide this information. I would normally have provided the information requested of gentle 123 at immigration control.

Marion
 
from the data commissioners site.
The Data Protection Acts, 1988 and 2003 do not detail specific security measures that a Data Controller or Data Processor must have in place. Rather section 2(1)(d) of the 1988 Act places an obligation on persons to have appropriate measures in place to prevent "unauthorised access to, or alteration, disclosure or destruction of, the data and against their accidental loss or destruction."
Click to expand...

I think that the data commissioner's response simply skirts the issue.

Aer Lingus have an obligation under the act to "prevent unauthorised access to, or alteration, disclosure or destruction of, the data and against their accidental loss or destruction." By seeking this information by unsecure email I believe that they are operating in contravention of the act.

ajapale
 
The following was received by me a month ago before a trip to the USA - I see the difference is that one inputs the info via their website versus sending back an e-mail to them. One assumes some form of protection via their website as you need the booking ref to "manage your booking". At least I hope so !!

Dear Sir or Madam:

Your booking reference includes travel to and/or from the USA.

The U.S. Department of Homeland Security (Bureau of Customs and Border Protection) requires certain Advance Information about all passengers travelling to and/or from the USA.
Airlines must have this information before passengers can be checked in for flights to and/or from the USA.

For your convenience, and to reduce queuing time at check-in, you can now input this information on-line at www.aerlingus.com. To add the information to your booking, simply logon to www.aerlingus.com and click on "Manage Booking" from the home page.

The Information required from each passenger is:

- First Name (as on passport)
- Family Name (as on passport)
- Gender
- Date of Birth
- Citizenship
- Passport Number and Alien Resident Card Number (Green Card) if applicable
- Passport Country
- Expiry Date of Passport
- Address while in USA (including ZIP Code)

Thank you for your time


Kind Regards,
Aer Lingus Customer Contact Centre



"This email is generated by computer and does not accept replies.
Please do not send email to this address as they will not be responded to"
 
Don't send information by email; it is not secure. Although, having said that, you are required to provide the information to the airline before flying to the USA. If you booked your flight on aerlingus.com then you should be able to access your booking and enter the details securely.
 
Just wondering if filling in this information means you no longer have to fill out a form at the airport?
 
No, you still have to fill in the green form, all the information provides is advanced information on who is flying to the US.
 
You must log in or register to reply here.
Back
Top