FlyClear passes privacy audit

In a recent press release, Verified Identity Pass, Inc. - commonly known to US air travelers as FlyClear - announced they had passed a four-month long audit of adherence to their own privacy commitments. This is a rare good-news story that acknowledges the significant concerns raised by privacy groups such as EPIC. To what end their own stated privacy commitments addresses those concerns I will leave to the advocates, but an important disclaimer from the audit report was left out of the press release.

...the projection of any conclusions, based on our findings, to future periods is subject to the risk that the validity of such conclusions may be altered because of changes made to the system or controls, the failure to make needed changes to the system or controls, or a deterioration in the degree of effectiveness of the controls.

I wouldn't even point this out if we were talking about anything but a government-sponsored program/company: periodic auditing is absolutely essential to ensure ongoing confidence in the program. The more consecutive audits passed, the greater public confidence grows. I haven't signed up for the program in part because I was concerned about the privacy of my data. This helps offset my reluctance. The effectiveness of the entire program, of course, is another topic altogether.

1 comment:

Anonymous said...

Clear has now passed all consecutive privacy audits conducted since the first one conducted in 2006. We have just celebrated our third anniversary, with a 90% membership retention rate and about 200,000 sign ups. Clear cards are accepted in 18 US Airports with more on the way.
I wanted to make sure to update your readers.