November 1, 2006
By John S. Yodice
AOPA Legal Counselor John S. Yodice has been a pilot for more than 35 years and owns a Cessna 310.
Pivacy and identity theft are hot topics in today's computerized environment. You may be interested to know that these concerns specifically affect pilots as an identifiable group. That's because most pilots have been voluntarily giving their Social Security numbers to the Federal Aviation Administration. The FAA has been asking for them routinely on pilot and medical certificate applications for some time. It provided a convenient numbering system for FAA certificates. And — in a spirit of cooperation with the Friendly Aviation Administration (as most pilots view the FAA), and maybe without really thinking about it — most pilots have been giving their Social Security numbers.
Well, a couple of events may cause those pilots with a heightened concern about the privacy of their personal information to rethink whether they really want to continue to voluntarily give their Social Security numbers to the FAA. The FAA airman application forms still ask for Social Security numbers.
We first addressed this issue in this column earlier this year (see " Pilot Counsel: Pilots and Privacy," January Pilot). We learned that in 2003, the Department of Transportation (DOT, which includes the FAA) and the Social Security Administration initiated a joint effort to match the FAA records of some 40,000 pilots residing in the northern half of California (that's probably most, if not all, of them) to investigate the misuse of Social Security numbers by pilots. The matching did produce a handful of criminal prosecutions and a handful of FAA certificate actions. But, as best as we can tell, the 40,000 California pilots, overwhelmingly innocent and law abiding, were not notified that their voluntarily provided Social Security numbers on the FAA records were being computer matched against Social Security computer records. As we will see, apparently these or similar efforts are still going on.
We now learn from the DOT inspector general that in July of this year a laptop computer was stolen from a government vehicle in the Miami area. The laptop contained personal identification information on more than 42,000 Florida pilots, including names, addresses, birth dates, and Social Security numbers. The laptop also included data on 80,000 to 90,000 motorists holding Florida commercial driver's licenses. These databases were not lists of individuals under investigation, as one might expect. Instead, taking the pilot lists, for example, they were blanket lists of Florida pilots who obtained their airman certificates after March 2003. The inspector general (IG) tells us that the information was being used in connection with multi-agency task forces focusing on the use of fraudulent information to obtain pilot certificates. Of course, the 40,000-plus innocent pilots were not warned that their private information, voluntarily given, was being used this way. And, from the IG reports, it certainly sounds as if these databases of Florida residents were being used for the same or similar purposes as in the California incident. This circumstance raises the suspicion that there are similar lists of pilots in other states that are being subjected to computer matching based on voluntarily given Social Security numbers, without the pilots' knowledge or consent.
Interestingly enough, this theft is the latest in a string of embarrassing data breaches reported by a number of federal agencies, including the departments of agriculture, energy, the Navy, Veterans Affairs, the Social Security Administration, and even the Internal Revenue Service. One incident that got quite a bit of publicity was a May burglary in which the thieves took a laptop and an external hard drive containing the names, birth dates, and Social Security numbers of as many as 26.5 million veterans and active duty servicemen. The equipment was eventually recovered and two men were charged with the theft.
After the Florida laptop theft, AOPA President Phil Boyer sent a firmly worded letter to the DOT's inspector general. The letter was a follow-up to Boyer's phone conversation with the inspector general right after AOPA learned about the incident. As noted, the laptop, stolen from a government agent's car, included the identification and Social Security numbers of some 42,000 pilots, all the information a thief needs to obtain fraudulent credit cards or loans. Boyer told the DOT inspector general that AOPA members were "outraged that such sensitive personal information would be left unsecured. This underscores the need for your office to protect pilots' information from being compromised. I strongly urge you to take the necessary steps to recover the laptop and prevent this type of security breach from being repeated in the future."
So, this seems an appropriate time to remind pilots about their legal rights as they apply to this situation. The Privacy Act of 1974 prohibits any federal, state, or local government from denying an individual any right, benefit, or privilege provided by law because of the individual's refusal to disclose his Social Security number. Specifically for airmen certificated by the FAA, for example, there is a Privacy Act Statement on the Application for Airman Medical Certificate, required by the Privacy Act, that tells pilots, "Submission of your SSN is not required by law and is voluntary. Refusal to furnish your SSN will not result in the denial of any right, benefit, or privilege provided by law." (I should mention that there are limited exceptions to this law that pilots may run into in other areas of their lives, but the exceptions don't apply here.)
In light of this law, and the uses to which voluntarily given Social Security numbers are being put, and the actuality of theft of this information and possible misuse, pilots may wish to rethink disclosing Social Security numbers. Many pilots already have their Social Security numbers on file with the FAA. Some pilots may now want to ask the FAA to expunge their Social Security numbers from their FAA records, including FAA records that are now out in the field, previously released by the FAA for computer-matching purposes.
Pilots are overwhelmingly law abiding and cooperative with governmental authorities. They especially support government efforts to prosecute persons who use fraudulent information to obtain pilot certificates. Such persons do not belong among the ranks of pilots. Pilots have historically evidenced their cooperation with the FAA by allowing their Social Security numbers to be used as their pilot certificate numbers, in overwhelming numbers. But there may be many now who do not appreciate the misuse of voluntarily given personal information for computer-matching purposes when they were not specifically and clearly advised that this was a purpose for which this information would be used.
The FAA has already taken an important step to remedy the situation. The FAA now issues all original airman certificates with a unique certificate number. It no longer assigns Social Security numbers as certificate numbers. But be aware that if your current certificate has your Social Security number on it, the FAA will continue to issue that number unless you request another number. You can request another number, and get a new certificate with that number, by writing to: Federal Aviation Administration, Airmen Certification Branch, AFS-760, Post Office Box 25082, Oklahoma City, Oklahoma 73125-0082.
You also can request that the FAA remove your Social Security number completely from its official records. You also can accomplish all of this online at the FAA Web site (and even download a Request for Change of Certificate Number that you can complete and mail). If you do so, it will be interesting to see what the FAA will do about the laptops and other records that have already been released to FAA and DOT personnel for the investigations we have mentioned or any other unpublicized computer-matching programs.
Department of Transportation,
Pilot Health and Medical,
The Aircraft Owners and Pilots Association (AOPA) welcomed a Sept. 18 Federal Aviation Administration (FAA) announcement that it would host a “call to action summit” to address the barriers and potential challenges associated with equipping tens of thousands of aircraft for Automatic Dependent Surveillance-Broadcast (ADS-B) by the Jan. 1, 2020 deadline. ADS-B is a critical component of the NextGen air traffic modernization program.
The FAA announced Sept. 18 that it would host a “call to action summit” to address the barriers and potential challenges associated with equipping tens of thousands of aircraft for ADS-B, a move welcomed by AOPA.
Changes to departure and arrival procedures in Dallas/Fort Worth International Airport airspace will take effect Sept. 18, and AOPA is cautioning pilots to plan ahead for the new procedures.
VOLUNTEER AT AN AOPA FLY-IN NEAR YOU!
SHARE YOUR PASSION. VOLUNTEER AT AN AOPA FLY-IN. CLICK TO LEARN MORE >>>
VOLUNTEER LOCALLY AT AOPA FLY-IN! CLICK TO LEARN MORE >>>
BE A PART OF THE FLY-IN VOLUNTEER CREW! CLICK TO LEARN MORE >>>