(Dieser Artikel ist auch in deutscher Sprache verfügbar)
The European Commission(EC) put forward on 6 November 2007 a PNR plan that is almost similar to the EU-USA PNR (Passenger Name Records) agreement. The EU PNR plan is part of a new package of proposals "aimed at improving the EU's capabilities in the fight against terrorism."
According to this proposal, EU will have to collect 19 pieces of personal data on air passengers coming into and leaving the EU space, including phone number, e-mail address, travel agent, full itinerary, billing data and baggage information. The information will be collected in analysis units that will make a "risk assessment" of the traveller, which could lead to the questioning or even refusal of the entry. The data is to be kept for five years and then another eight years in a "dormant" database.
"The availability of PNR data ... is necessary for the purpose of preventing and fighting terrorist offences and organised crime," is the reason expressed by the draft.
In October 2007, Justice Commissioner Franco Frattini told Parliament members that the creation of a PNR database was justified by the high level of terrorist risk for Europe. "The Union is at least as much a potential target of a terrorist attack as the United States, and the use and analysis of passenger name records is an important law enforcement tool to protect our citizens".
However, legal experts, human-rights groups and data-protection activists oppose this plan and find it a threat to privacy.
Tony Bunyan, editor of Statewatch stated: "This is yet another measure that places everyone under surveillance and makes everyone a "suspect" without any meaningful right to know how the data is used, how it is further processed and by whom . We have already got the mandatory taking of fingerprints for passports and ID cards and the mandatory storage of telecommunications data of every communication, now we are to have the mandatory logging of all travel in and out of the EU. The underlying rationale for each of the measures is the same - all are needed to tackle terrorism. Yet there is little evidence that the gathering of "mountain upon mountain" of data on the activities of every person in the EU makes a significant contribution. On the other hand, the use of this data for other purposes, now or in the future, will make the EU the most surveilled place in the world".
MEP Sophie in 't Veld has also made an appeal to the European Commission to make an analysis of the situation in USA and Canada in order to verify the effectiveness of such a system before taking any decision on a similar system in Europe. "EU counter-terrorism policies must be regularly assessed on their effectiveness.their impact on reducing the threat and increasing security, on improving cooperation and exchange between countries and agencies, as well as an evaluation of the cumulative impact of individual measures on privacy and civil liberties," she stated.
The Commission's proposal for EU PNR is proposed as a Framework Decision meaning that the European Parliament is only consulted and its opinion can be ignored as it happens on a regular basis. The European Council can, in its secret working parties, change at will this legislative proposal.
Another question raised is why 2004 Directive on the collection of API (Advance Passenger Information), meant to be applied by all member States by September 2006, is not enough in supporting the fight against terrorism and is not yet applied. The API data is more limited including only name, nationality, passport number, date of birth and the details related to the flight.
The proposal did not take into consideration the opinions of EU's Article 29 Data Protection Working Party which, during the consultation period concluded that they "have not seen any information presented by the Commission that would substantiate the pressing need to process PNR data for the purpose of preventing and fighting terrorism and related crimes or law enforcement". They also stated that "Bulk transfer of personal data, which would include unsuspected travellers to other authorities would be disproportionate, as data may only be provided to an authority if necessary for a given purpose".
Concerning data protection, the draft proposal has in view the Council Framework Decision on the protection of data for police and judicial cooperation that should apply to the proposed PNR scheme as well. However, the decision has not been adopted and offers very little protection to individuals. The decision ignored the opinions of the European Parliament, the European Data Protection Supervisor, and the EU's Article 29 Data Protection Working Party and allows the personal data exchange with third states such as USA.
On the other hand, the draft makes no reference to 1995 EC Directive on data protection covering the collection of PNR data by the airlines.
PNR (passenger name record) scheme proposed to place under surveillance all
travel in and out of the EU (1.11.2007)
http://www.statewatch.org/news/2007/nov/01eu-pnr.htm
Draft Framework Decison on the use of PNR data (22.10.2007)
http://www.statewatch.org/news/2007/oct/eu-com-pnr-proposal.pdf
EU plans anti-terror screening for air passengers (5.11.2007)
http://www.euractiv.com/en/transport/eu-plans-anti-terror-screening-ai...
EU plans to collect personal data on air passengers (4.11.2007)
http://www.reuters.com/article/asiaTopNews/idUSIndia-30328920071104
Fight Against Terrorism: stepping up Europe's capability to protect citizens
against the threat of terrorism (6.11.2007)
http://europa.eu/rapid/pressReleasesAction.do?reference=IP/07/1649&...
EDRI-gram Final agreements between EU and USA on PNR and SWIFT (4.07.2007)
http://www.edri.org/edrigram/number5.13/eu-us-pnr-swift