If you're a customer of Delta Air Lines, American Airlines or United Airlines, it's likely that data about your domestic flights—including your name, itinerary and payment details—has been sold to U.S. Customs and Border Protection (CBP), according to documents obtained by the independent outlet 404 Media.
CBP says it uses this data to help state and local law enforcement track the air travel of people of interest. But civil liberties advocates and lawmakers say the Department of Homeland Security's (DHS) approach is deeply concerning, warning that it may bypass standard legal processes.
"The big airlines, through a shady data broker that they own called ARC, are selling the government bulk access to Americans' sensitive information, revealing where they fly and the credit card they used," Sen. Ron Wyden, D-Oregon, said in a statement, according to 404 Media.
Documents obtained by the outlet through a Freedom of Information Act request show that the Airlines Reporting Corporation (ARC), a private company owned and operated by at least eight major U.S. airlines, explicitly advises government agencies not to disclose ARC as the data source.
The travel data is then sold through ARC's Travel Intelligence Program, or TIP, which can reveal a person's "paid intent to travel," including tickets purchased through travel agencies like Expedia.
A statement of work document reviewed by 404 Media describes the data from TIP as "crucial" to both administrative and criminal investigations. It also states that ARC asked CBP not to publicly identify the company as the source of the reports unless "compelled to do so via a valid court order or subpoena," and only if ARC is given immediate notice.
Additional reporting shows that ARC's board includes representatives from Delta, Southwest, United, American Airlines, Alaska Airlines, and JetBlue, as well as foreign carriers such as Lufthansa, Air France, and Air Canada.
ARC's contract with CBP began in June 2024 and may extend through 2029, according to documents obtained by the outlet.
In a statement, CBP said it is "committed to protecting individuals' privacy during the execution of its mission to protect the American people, safeguard our borders, and enhance the nation's economic prosperity."
The agency added that it follows a "robust privacy policy" and only uses TIP data when there is an open Office of Professional Responsibility investigation and when it needs to locate a person related to that case.
CBP said the data can serve as a "good starting point" for identifying someone's flight history before seeking further information through legal processes. The data applies to both U.S. citizens and noncitizens.
According to 404 Media, the airlines involved either declined to comment, did not respond, or referred inquiries to ARC or DHS.
"ARC has refused to answer oversight questions from Congress," Wyden said. "So I have already contacted the major airlines that own ARC—like Delta, American Airlines and United—to find out why they gave the green light to sell their customers' data to the government."
© 2025 Latin Times. All rights reserved. Do not reproduce without permission.
