Thursday

2nd Feb 2023

Privacy campaigner: EU-US passenger data deal 'meaningless'

  • All persons travelling to the US are considered potential criminals (Photo: afagen)

A secretive agreement allowing Washington access to all personal information of air travellers to the US, seen by EUobserver, is "meaningless" and "deceptive" from a data privacy point of view, say experts.

The agreement, sealed last week between the European Commission and the US government, is now pending approval by member states and the European Parliament.

Read and decide

Join EUobserver today

Become an expert on Europe

Get instant access to all articles — and 20 years of archives. 14-day free trial.

... or subscribe as a group

It provides a legal basis for what started as an anti-terrorism data sifting programme in the US following the attacks on 11 September 2001: the transfer of data such as private email address, credit card number, travel itinerary, but also "general remarks" made by airline officials on the behaviour of the passenger.

EU commissioner Cecilia Malmstrom on Thursday (17 November) said the agreement "contains robust safeguards for European citizens' privacy," and is legally binding on the US.

But the full text remains secret - despite being of public interest as it deals with mass private data transfers, circumventing EU law on data privacy. MEPs dealing with the dossier have been allowed to look at the agreement only in a sealed room.

US campaigners like Edward Hasbrouck, who has filed several legal complaints in the US against the extensive use and storage of Passenger Name Records (PNR) by authorities, disagrees with Malmstrom's confident assessment of the deal.

"This is theoretically true: It is 'binding', but there is no enforcement mechanism. According to the terms of the agreement, the only remedy for non-compliance is to terminate the agreement for future data transfers," he told this website.

Even in this instance, the US government would still have access to the data, as airlines do not store the PNR information in their own servers, but in US-based "computer reservation systems" to which the Department of homeland security (DHS) has access.

According to the text, "the collection and analysis of PNR is necessary for DHS to carry out its border security mission."

Based on the personal data transferred to the American authorities 92 hours prior to departure, people can be subject to close inspection and interrogation or banned from flying, if they turn out to be on a no-fly list. But such lists are secret and access to them forbidden.

Claiming that personal data collection and analysis is "necessary" for border controls is false, says Hasbrouck. According to the UN Human Rights Committee, measures that hamper freedom of movement have to be proven to be effective and it must be clear that less restrictive alternative would not achieve the same purpose.

"There has been no showing as to why existing legal means - warrants or court orders - would not be sufficient as a means to obtain PNR data in specific investigations," Hasbrouck says.

The wide scope of the potential crimes targeted by the data analysis is also a reason for concern. Apart from suspects of terrorist acts, funding, being a facilitator or "contributing in any other way" to something that may look like a terrorist act, the agreement also applies to "other crimes that are punishable by a sentence of imprisonment of three years or more and that are transnational in nature," the text reads.

This may apply, for instance, to someone suspected of having illegally downloaded American movies or music and distributed them abroad.

Overall, the personal data will be retained for 15 years - five years in an active database and ten in a "dormant" state - where access is more limited and names blackened. "Re-personalisation" can be done, however, "in connection with law enforcement operations and then only in connection with an identifiable case, threat or risk."

The data for cases concerning other crimes than terrorism "may only be re-personalised for a period of up to five years," the agreement says.

Again, Hasbrouck points out that these retention limits "only apply to the DHS copy of the PNR."

The computer reservation systems can keep the original copy forever and there is nothing to stop the US authorities from getting a new copy from the reservation system, something not covered by the PNR agreement.

There are other potential issues too.

Anyone is entitled to access, correct or delete personal data but they are unlikely to be able to get hold of it, as most PNR data is exempt from the Freedom of Information Act.

Unhappy MEPs to approve passenger data deal

The freshly re-negotiated agreement on the transfer of personal data of air passengers flying from Europe to the US still raises privacy concerns, MEPs familiar with the text have said. But a veto by the Parliament is unlikely, however.

Member states to clash with EU parliament on passenger data

The European Parliament is likely to clash with member states over the use of EU air travellers' personal data in the search for suspected terrorists, as the UK is pushing to change a draft bill initially designed for passengers coming from non-EU countries.

EU to tighten privacy rules on air passenger data

The EU commission wants to strengthen privacy rules for sharing personal data of air travellers to the US, Australia and Canada and limit the use of this data strictly to fighting terrorism and serious organised crime.

Agenda

This WEEK in the European Union

Last week's EU summit deal on creating a fiscal compact is set to be dissected in Brussels and beyond with markets already responding with scepticism. MEPs travel to Strasbourg for an end-of-the-Polish-presidency roundup.

US scores victory on EU air passenger screening

A permanent treaty forcing EU companies to tell US authorities what air passengers email addresses and credit card numbers are or if they ever yelled at a travel agent is one step closer to reality.

Opinion

Why the new ECHR Ukraine-Russia ruling matters

The ECHR ruled that Russia was in "effective control" of separatist regions of Eastern Ukraine from 11 May 2014. In doing so, the court has formally acknowledged the inter-state character of the conflict and Russia's culpability for human rights abuses.

Opinion

Greece's spy scandal must shake us out of complacency

The director of Amnesty International Greece on the political spying scandal that now threatens to bring down prime minister Kyriakos Mitsotakis. Activists and NGO staff work with the constant fear that they are being spied on.

Latest News

  1. EU green industry plan could spark 'dangerous subsidy race'
  2. Wolves should be defended, EU ministers urge
  3. EU Commission wants drones for Bulgaria on Turkey border
  4. MEPs rally ahead of vote for gig-economy workers' rights
  5. Europe is giving more aid to Ukraine than you think
  6. Hungary blames conspiracy for EU corruption rating
  7. Democracy — is it in crisis or renaissance?
  8. EU lobby register still riddled with errors

Stakeholders' Highlights

  1. Party of the European LeftJOB ALERT - Seeking a Communications Manager (FT) for our Brussels office!
  2. European Parliamentary Forum for Sexual & Reproductive Rights (EPF)Launch of the EPF Contraception Policy Atlas Europe 2023. 8th February. Register now.
  3. Europan Patent OfficeHydrogen patents for a clean energy future: A global trend analysis of innovation along hydrogen value chains
  4. Forum EuropeConnecting the World from the Skies calls for global cooperation in NTN rollout
  5. EFBWWCouncil issues disappointing position ignoring the threats posed by asbestos
  6. Nordic Council of MinistersLarge Nordic youth delegation at COP15 biodiversity summit in Montreal

Stakeholders' Highlights

  1. Nordic Council of MinistersCOP27: Food systems transformation for climate action
  2. Nordic Council of MinistersThe Nordic Region and the African Union urge the COP27 to talk about gender equality
  3. Friedrich Naumann Foundation European DialogueGender x Geopolitics: Shaping an Inclusive Foreign Security Policy for Europe
  4. Obama FoundationThe Obama Foundation Opens Applications for its Leaders Program in Europe
  5. EFBWW – EFBH – FETBBA lot more needs to be done to better protect construction workers from asbestos
  6. European Committee of the RegionsRe-Watch EURegions Week 2022

Join EUobserver

Support quality EU news

Join us