The National Academies

ACRP 11-01/Topic 12-01 [Final]

Legal Implications of Data Collection at Airports
[ ACRP 11-01 (Legal Aspects of Airport Programs) ]

  Project Data
Funds: $75,000
Research Agency: Crowznest Consulting
Principal Investigator: Donald Zoufal
Effective Date: 12/30/2019
Completion Date: 12/30/2020

As technology continues to evolve, airports and airport users are collecting more and more data from passengers, airport users, tenants, concessionaires, airlines, and others. Airports and their tenants also are beginning to consider whether and how to monetize the data collected. A wide range of functions within the airport environment will utilize this data, including legal, management, operations, marketing, information technology, and planning and development. People who seek to gather and use this data may not consider or be aware of the legal requirements or implications, including those related to public records, data privacy, data breach, and Payment Card Industry Data Security Standard (PCI DSS) compliance.   
The objective of this research was to provide guidance to the collectors of data with respect to the applicable laws, including federal, state, and international, the compliance requirements, and the consequences of non-compliance. The digest includes a survey of applicable law, recommendations for the collection and safe keeping of data, and a review of the issues that arise related to data collection among airports, their tenants, and other users and how to address them.

To create a link to this page, use this URL: http://apps.trb.org/cmsfeed/TRBNetProjectDisplay.asp?ProjectID=4705