In the wake of the sudden demise of Clear and questions about what will happen to the personal information it collected on air travelers, leaders of the House Homeland Security Committee have sent a letter (pdf) to the Transportation Security Administration (TSA). In the letter, the committee notes that
While TSA mandated many data collection requirements for these private sector service providers, it appears that TSA allowed the private sector to determine a method of storage and disposal of extremely sensitive personal information. It is our understanding that TSA’s directives are silent on the disposal of data in the event of a company’s merger, buyout, or bankruptcy.
The committee asks TSA a series of pointed questions, including whether TSA has requested the parent company, Verified Identity Pass, to provide a plan for secure document deletion, destruction, or transfer, and whether TSA has communicated with VIP or Lockheed Martin about how long they intend to maintain the core membership database and how they will secure it.