EU PNR scheme
Irish Presidency seeking to push through plan for the surveillance of travel



The Irish Presidency of the Council of the European Union is trying to get through the adoption of the Spanish government proposal for the collection and vetting of passenger data in the EU by 30 April 2004. This is because the proposal is a member state initiative and under Article 67.1 of the Treaty establishing the European Community (TEC) member states will lose this power after this date.

As "significant differences remain on the scope and detail" the Irish Presidency has put forward a "compromise proposal". This leaves for the future decisions on the issues of applying the "measure to other carriers, the use of biometric data and the inclusion of data on transit arrangements". It is based on limiting the proposal, for now, to "air and sea carriers" (ie: not travel by land).

The "compromise" includes the UK demand that personal data has to be sent "in advance of departure" (that is, at the time of check-in/before boarding).

How the different drafts have changed



Statewatch's coverage in December, EU plan for wholesale security checking for every traveller, dealt with the draft proposal up to 12 November. Three further drafts are now available, those of 24 November, 17 December and the Irish "compromise" of 9 January 2004. The last two are the most interesting as the December version reveals the main differences between government positions and the January version shows what has been left in or taken out from the December version.

1. The scope of the proposed Directive has undergone a number of changes. The first draft, in March 2003, said data was to be passed over on all "people" entering the EU. In the July 2003 draft this had been replaced by data on "foreign nationals" thus excluding EU citizens. The 12 November draft replaced: the transmission of data on third country nationals" to "the transmission of advance passenger data" thus again covering all passengers (which is in the current text).

The Recitals in the December draft shows that the measure has two purposes under Article 62(2)(a) "checks" on "persons" at borders and 63(3)(b) on illegal immigration (these Articles are in Title IV TEC whose full title is: "Visas, Asylum, Immigration and other Policies related to Free Movement" - the second purposes is often forgotten). If the purpose is only to tackle illegal immigration, as Commissioner Vittorino claimed in the European Parliament on 16 December 2003, then Article 62(2)(a) should be deleted.

2. In December 2003 Sweden maintained a reservation "on the whole text".

3. The current January "compromise" leaves Article 1 unchanged. This refers to "improving border controls" (Article 62.2.a) and "combating illegal immigration" (Article 63.3.b) by the handing over of "advance passenger data" - note "passenger" not "foreign nationals"

4. Article 3 in the January "compromise" substitutes the term "in advance of departure" instead of "at the end of boarding checks". This accepts the position of the UK and Netherlands governments that checks can be carried out before people board a plane (or ship) and would allow a board/not board vetting procedure to be operated.

5. Article 4 is unchanged. Under this Member States may establish an obligation on carriers to notify the authorities if a person does not use their return ticket and leaves the EU.

6. Article 6 covers data protection. As predicted in Statewatch's December analysis this Article has been re-written. Article 6.1. refers to the data collected by the carrier on all passengers being passed to "authorities responsible for carrying out checks on persons at external borders" (Article 3.1), and Article 6.2 refers to passing of data on the non-return of passengers who do not use their return tickets to "authorities responsible for combating illegal immigration" (Article 3.4).

Article 6.1, on all passengers, says that personal data must be sent by the carriers to the "authorities responsible for carrying out checks on persons at external borders for the sole purpose of facilitating the performance of such checks". These "authorities" will save the data "in a temporary file" and after passengers have entered entered their country of destination the "authorities shall immediately delete the data transmitted by the carrier". In previous drafts the UK was opposed to the deletion of data - in the December version the UK "maintained a general and scrutiny reservation on the new text of Article 6".

So what does this mean in practice?

Personal data on all passengers has to be passed over to the "authorities" responsible for checks at external borders. Who are these "authorities"? They are the police, immigration and security agencies who check each person against their national intelligence databases and the Schengen Information System.

As this information has to be passed over "in advance of departure" (ie: before boarding) these agencies can vet all passengers and put them into three categories:

"Green": OK to board
"Yellow": either request questioning at point of departure or on arrival, or place under surveillance on arrival
"Red": issue refusal of boarding notice.

The positive aspect of the proposal is that the travel records on all passengers will be deleted from carrier and agencies files - though expect the latter to change later. The problem aspect is those tagged as security, criminal or immigration risks (Yellow or Red) whose data will be kept, and added to, on the agencies' databases. The proposal is quite silent on what happens to these files or the right of access to them.

In effect, EU law enforcement and security agencies will run their own version of the US CAPPS II and US-VISIT schemes (see: Commission did agree that PNR data can be used for CAPPS II testing, but the question is why?
Report and analysis)

Article 6.2 concerns travellers who have not left a member states on a return ticket. The same rules as under Article 6.1 apply except that data need not be deleted within 24 hours if "the data is needed later for criminal prosecution or execution of measures to end illegal presence".

The surveillance of travel - what's in the pipeline?


This proposal to establish an EU version of the US surveillance systems is one of four measures that will be considered over the next few months. They are:

1. The formal agreement with the USA over access to PNR data which the Commission is drafting and which it is expected to pronounce is "adequate" under Article 25 of the 1995 EC Directive on data protection. The European Parliament can only intervene if it is able to show that the Commission has exceed its powers of implementation.

2. As announced in the Commission's Communication on Transfer of Air Passenger Name Record (PNR) Data: A Global EU Approach (16.12.03, pdf) it views the EU-USA deal as a basis for an international agreement. The Commission has sent to the Council a proposal for an international initiative on PNR data transfers through the International Civil Aviation Organisation (ICAO).

3. The Commission will propose "by the middle of 2004" a measure on: "the use of travellers' data for border and aviation security and other law enforcement purposes". It is expected that this will seek to exempt law enforcement agencies from the 1995 Directive.

4. A proposal from the USA for another agreement to subject travellers from the EU to CAPPS II (and the US-VISIT) vetting systems.

Tony Bunyan, Statewatch editor, comments:

"If this measure is adopted the EU will be heading down the same road as the USA with its demand for PNR and the CAPPS II and US-VISIT systems. For now most people will not be kept on file but unknown numbers will be flagged as possible threats to security or immigration rules and be questioned or placed under surveillance."

Documentation


1. Irish Presidency "compromise" dated 9 January 2004: 5183/04 (pdf)

2. Draft dated 17 December 2003: 16119/03 (pdf)

3. Draft dated 24 November 2003: 15165/03 (pdf)

4. Statewatch analysis of previous drafts, December 2003, EU plan for wholesale security checking for every traveller

5. Statewatch Observatory on PNR - USA

6. 1995 EC Directive on data protection

7. Statewatch's coverage in December, EU plan for wholesale security checking for every traveller

8. Replies by governments to questionnaire on Spanish proposal: 13363/03, 15.10.03
9. UK letter agreeing to wider scope: 10952/03
10. Draft 27 October 2003: 11406/1/03
11. Draft 12 November 2003: 14652/03


Statewatch News online | Join Statewatch news e-mail list | Download a free sample issue of Statewatch bulletin

Statewatch does not have a corporate view, nor does it seek to create one, the views expressed are those of the author.
Statewatch is not responsible for the content of external websites and inclusion of a link does not constitute an endorsement.