U.S. Airlines Caught Selling Passenger Data for Warrantless Searches

U.S. airlines have found themselves at the center of a scandal following revelations of large-scale transfers of passenger data to government agencies. According to a contract obtained by 404 Media through a Freedom of Information Act request, the Airlines Reporting Corporation (ARC) — a data broker owned by major carriers including American Airlines, Delta, United, Southwest, Alaska Airlines, JetBlue, as well as Air France, Lufthansa, and Air Canada — has been selling federal authorities access to five billion ticketing records for warrantless searches and monitoring.

The documents reveal that ARC’s database spans more than 270 airlines and is continuously updated through a network of 12,800 travel agencies. It contains passenger names, flight itineraries, and financial details. The U.S. Secret Service holds a contract valued at $885,000 that grants access to this trove until 2028. When asked whether a warrant or subpoena is required to query the system, the agency declined to respond.

The program, known as the Travel Intelligence Program (TIP), is refreshed daily with the previous day’s sales and allows queries by name, card number, carrier, and other identifiers. While it was previously believed that TIP contained around one billion records covering three years, the new contract reveals a far greater scope — five billion documents available for analysis. Journalists report that, in addition to the Secret Service, other agencies — including immigration services, the State Department, the IRS, and the U.S. Marshals — have also purchased access. Court filings cite at least one instance in which the FBI sought ARC data during a narcotics investigation.

The Bureau of Alcohol, Tobacco, Firearms and Explosives (ATF) explained that it uses the system exclusively for active investigations and has imposed strict limits on the number of employees with access. ARC, for its part, stated that TIP was created in the aftermath of the September 11, 2001 attacks and has since been used by intelligence and law enforcement agencies to combat national security threats, terrorism, human trafficking, narcotics, and other serious crimes. The company emphasized that individuals can request to have their personal data excluded.

Meanwhile, Senator Ron Wyden condemned the practice as a violation of Americans’ right to privacy, arguing that it effectively strips citizens of Fourth Amendment protections. He renewed his call to pass the Fourth Amendment Is Not For Sale Act, a bill designed to close loopholes exploited by data brokers. Under mounting criticism from lawmakers and investigative reporting, ARC registered as a data broker in California this June — though Wyden contends the company had for years flouted state law by selling passenger data without proper registration.

Support Our Threat Intelligence

If you find our technology report and cybersecurity news helpful, consider supporting our work.

Buy Me a Coffee PayPal Crypto

USDT (TRC20):

TN8BdV8cp4T1Cd28gK9qTAnZknzzuwyUtm Copy

USDT (ERC20):

0x3725e1a7d3bc5765499fa6aaafe307fabcd75bce Copy