TechCrunch reports that Clear, the Registered Traveler program that enabled passengers to pay exorbitant amounts of money just to breeze through airport security checks, has ceased operations.
The parent company, Verified Identity Pass, Inc.. was reportedly unable to negotiate a deal with its biggest creditor.
So now what happens to all the sensitive personal information that Clear collected? Clear’s privacy policy states:
6. WHAT HAPPENS TO YOUR DATA WHEN YOU ARE NO LONGER A MEMBER
When your account is cancelled for any reason, we will remove your personal information from our system automatically after 90 days. There are some limited exceptions. Our credit card processors require us to retain a record of the financial transactions we conduct for 24 months. This includes your name, credit card number, address, and email address, so we can notify you if the financial transaction is disputed. Also, a copy of your biometric information (but not your name) is retained by the Transportation Security Clearinghouse to prevent fraudulent enrollments under alternate identities.
But will Verified Identity Pass, Inc. remove the data or destroy it? A call to Verified Identity Pass, Inc. went directly to voicemail with no message or information for registered travelers.
Update: Clear may have taken my voicemail to heart, as they have now updated their web site to add:
What will happen to my personal information?
Applicant and Member data is currently secured in accordance with the Transportation Security Administration’s Security, Privacy and Compliance Standards. Verified Identity Pass, Inc. will continue to secure such information and will take appropriate steps to delete the information.
Let’s hope that they securely delete it. But will TSA delete it all, including the biometric data? Or does this mean that Verified will delete its database but the data will still remain in TSA’s database?
WSJ also has an update:
Personal data submitted to CLEAR is held by Lockheed Martin Inc. and can be reclaimed by the Transportation Security Administration, according to Steve Brill, CLEAR’s founder.
Mr. Brill, who left the company in February, said that under the rules established for registered traveler programs, TSA can quickly reclaim the data. In addition, under CLEAR’s contract with members, data cannot be used for any other purpose than an airport security clearance program if there’s a change in control of the company.
Mr. Brill cautioned that those contractual rules with members could have changed since he left the company, but not without notice to members — so any change seems unlikely. Under the contract, the data can’t be sold to a marketing firm, for example.