28 March 2012
Support our work: become a Friend of Statewatch from as little as £1/€1 per month.
MEPs fear that new PNR agreement
fails to protect citizens' data
Justice and home affairs - 12-07-2007 - 12:17
The European Parliament looked into the recent agreement signed
by the EU-US administration for the transfer of air passengers'
data and concluded in its resolution that the new deal still
fails to offer an adequate level of data protection and it has
been concluded without any involvement of parliaments from both
sides, lacking democratic oversight.
While recognising the difficult conditions under which the
negotiations took place, MEPs regret that the EU-US agreement
for the transfer of Passenger Name Records (PNR) is "substantively
flawed", in particular by "open and vague definitions
and multiple possibilities for exception".
Even though Parliament welcomed the provision that existing data
protection law for US citizens (US Privacy Act) will be extended
administratively to EU citizens' data processed in America, MEPs
felt there is still much more to be improved. Some of their main
concerns regarding the new agreement are:
USE: The handling, collection, use and storage of personal data
from air passengers by US Department of Homeland Security is
not founded on a legal agreement but on non-binding assurances
remitted in a letter, which can be unilaterally changed.
PURPOSE: PNR transfer is not limited to fighting terrorism, it
can also be used for other "unspecified additional purposes"
by the US government.
SENSITIVE DATA: Information regarding ethnic origin, political
opinions, sex life of the individual, etc. will be also made
available and can be used by the US Homeland Security Department
in exceptional cases.
ACCESS: The fields of data which can be accessed from each PNR
file have been reduced from 34 to 19, but "the reduction
is largely cosmetic due to the merging of data fields instead
of actual deletion."
RETENTION PERIOD: Data can be retained for longer periods with
the new agreement: from 3.5 years to 15. Besides that, PNR data
will be kept for seven years in "active analytical databases",
leading to a big risk of massive profiling, contrary to EU principles.
THIRD COUNTRIES: Parliament strongly opposes to the fact that
third countries in general may be given access to PNR data if
adhering to specified conditions by the US government. The EU
has accepted "not to interfere" concerning the protection
of EU citizens' PNR data shared by the US with third countries.
Finally, MEPs demand the Commission to clarify Commissioner Frattini's
statements regarding the possible creation of an EU PNR system
to be used in Europe and called national parliaments of Member
States to examine the present draft agreement carefully.
European Parliament press release
Spotted an error? If you've spotted a problem with this page, just click once to let us know.
Statewatch does not have a corporate view, nor does it seek to create one, the views expressed are those of the author. Statewatch is not responsible for the content of external websites and inclusion of a link does not constitute an endorsement. Registered UK charity number: 1154784. Registered UK company number: 08480724. Registered company name: The Libertarian Research & Education Trust. Registered office: MayDay Rooms, 88 Fleet Street, London EC4Y 1DH. © Statewatch ISSN 1756-851X. Personal usage as private individuals "fair dealing" is allowed. We also welcome links to material on our site. Usage by those working for organisations is allowed only if the organisation holds an appropriate licence from the relevant reprographic rights organisation (eg: Copyright Licensing Agency in the UK) with such usage being subject to the terms and conditions of that licence and to local copyright law.