You are currently browsing EDRi's old website. Our new website is available at https://edri.org

EDRI-gram

If you wish to help EDRI promote digital rights, please consider making a private donation.


Flattr this

logo

EDRi booklets

Commission's proposal for PNR Directive fails to impress MEPs

9 February, 2011
» 

This article is also available in:
Deutsch: Kommissionsvorschlag zu Passagierdaten kann Europaabgeordnete nicht be...

On 2 February 2011, the European Commission released its proposal for a directive on the use of Passenger Name Records. This would require airlines flying into and out of the EU to give travellers' personal information to national authorities in the Member State of departure or arrival. Such data includes, for example, home address, mobile phone number, frequent flier information, email address and credit card information.

The document is a follow up to the proposal for PNR in 2007, for which the European Parliament, led by rapporteur Sophia in't Veld (ALDE, Netherlands), requested from the Commission, particularly in terms of better justifications regarding the measure's supposed necessity and proportionality.

With a number of databases related to travellers already in existence, such as the Schengen Information System (SIS), the Visa Information System (VIS) and the Advanced Passenger Information system (API), many members of European Parliament were and are sceptical about the necessity of a Passenger Name Record regime.

The scope of the purpose of PNR is widened. Whereas, in the 2007 document, the purposes were preventing and combating terrorist offences and organised crime, now it extends to "serious crimes" (defined as offences which call for a minimum prison sentence of 3 years). As these crimes are not specified, there is, by definition, no way of assessing the necessity and proportionality of all crimes that could be covered by this wording.

The processing of the PNR data outlined in Article 4 stipulates that the Passenger Information Unit (PIU -the body responsible for the storage and management of PNR databases), can use the data for profiling purposes, an issue that has been highly criticised in Parliament. The data can also be compared with other "relevant" databases, while not making clear which databases will be accessed by Member States. PIUs will also be obliged to hand over PNR data at the request of the competent authorities in Member States. Finally, the document proposes using the data to update and create new profiling criteria.

The document indicates that it will "mask" some pieces of data after 30 days of storage. The data is, however, not anonymised - instead, a certain amount of data is "masked" with no actual anonymisation. These pieces of information can be easily re-personalised and, in fact, access to the full PNR data is always available to the Head of the PIU, "where it could be reasonably believed that it is necessary to carry out an investigation and in response to a specific and actual threat or risk or a specific investigation or prosecution."

Furthermore, considering the list of PNR data to be collected, there are a number of personally identifiable information that will not be "masked", such as billing information (including credit card numbers).

The document also prohibits the collection, storage and processing of "sensitive data", defined in the proposal as "any personal data that could reveal racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership or data concerning health or sexual life of the individual concerned". In the same paragraph however, it states the PNR data "should contain details on the passenger's reservation and travel itinerary", which include special meal requests which can indicate religious orientation; special service requests that can indicate disabilities or specific medical conditions and billing and contact information.

MEP Sophia in't Veld seems pleased with the document, saying, "we will closely scrutinise the proposals, but at first glance there is a substantial improvement compared to the previous proposals". However, she did indicate that better justification of the necessity of collecting PNR data remains, and that Parliament needs the facts and figures before they can make a well founded decision.

Other members of the European Parliament are not so optimistic. EPP member Manfred Weber (Germany) is sceptical of the necessity of PNR, saying, "there are deficits in the usage of current data. So why should we collect even more mass data?"

"The EU-US PNR agreement is already bad enough", stated German Greens member Jan Albrecht. "The last thing we need to do in Europe is to copy this model, which infringes on the civil liberties of EU citizens."

Claude Moraes (S&D, UK) has concerns about the Commission's proposal to profile individuals and indiscriminately collect personal data, calling on Commissioner Malmström to "urgently come before the European Parliament and to provide precise evidence that massively collecting air travellers' data is an effective and necessary way to prevent terrorists from flying to and from Europe."

Commissioner Malmström is likely to meet with the LIBE committee in the next few weeks to discuss the contentious elements of the proposal. The entire negotiation process in the Council and the Parliament is expected to take around two years.

Proposal for a Directive on the use of Passenger Name Record data for the prevention, detection, investigation and prosecution of terrorist offences and serious crime (2.02.2011)
http://ec.europa.eu/home-affairs/news/intro/docs/com_2011_32_en.pdf

ALDE press release: EP insists on proof of proportionality of data transfer (11.11.2010)
http://www.alde.eu/press/press-and-release-news/press-release/article/...

Proposal for a Council Framework Decision on the use of Passenger Name Record (PNR) for law enforcement purposes (6.11.2007)
http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=COM:2007:0654:FI...

EU proposal for passenger data to fight serious crime and terrorism (2.02.2011)
http://europa.eu/rapid/pressReleasesAction.do?reference=IP/11/120&...

Commission PNR FAQ (2.02.2011) http://europa.eu/rapid/pressReleasesAction.do?reference=MEMO/11/60&...

EU to collect data of international air travellers (1.02.2011)
http://euobserver.com/22/31731

"Does the EU need to collect all air travellers' data?", ask S&D (2.02.2011)
http://www.socialistsanddemocrats.eu/gpes/public/detail.htm?id=135236&...

Greens press release: Passenger data (PNR): Commission proposes system for retaining passenger data based on spurious security grounds
http://www.greens-efa.eu/cms/pressreleases/dok/369/369653.passenger_da...

(contribution by Raegan MacDonald - EDRi)

‹ Data retention law provisions declared unlawful in CyprusupGerman study finds the data retention ineffective ›
Printer-friendly version
 
Site by Floatleft.

Syndicate:

Syndicate contentCreative Commons License

With financial support from the EU's Fundamental Rights and Citizenship Programme.
eu logo