MEPs fear that new PNR agreement fails to protect citizens' data
Justice and home affairs - 12-07-2007 - 12:17
The European Parliament looked into the recent agreement signed by the EU-US administration for the transfer of air passengers' data and concluded in its resolution that the new deal still fails to offer an adequate level of data protection and it has been concluded without any involvement of parliaments from both sides, lacking democratic oversight.
While recognising the difficult conditions under which the negotiations took place, MEPs regret that the EU-US agreement for the transfer of Passenger Name Records (PNR) is "substantively flawed", in particular by "open and vague definitions and multiple possibilities for exception".
Even though Parliament welcomed the provision that existing data protection law for US citizens (US Privacy Act) will be extended administratively to EU citizens' data processed in America, MEPs felt there is still much more to be improved. Some of their main concerns regarding the new agreement are:
USE: The handling, collection, use and storage of personal data from air passengers by US Department of Homeland Security is not founded on a legal agreement but on non-binding assurances remitted in a letter, which can be unilaterally changed.
PURPOSE: PNR transfer is not limited to fighting terrorism, it can also be used for other "unspecified additional purposes" by the US government.
SENSITIVE DATA: Information regarding ethnic origin, political opinions, sex life of the individual, etc. will be also made available and can be used by the US Homeland Security Department in exceptional cases.
ACCESS: The fields of data which can be accessed from each PNR file have been reduced from 34 to 19, but "the reduction is largely cosmetic due to the merging of data fields instead of actual deletion."
RETENTION PERIOD: Data can be retained for longer periods with the new agreement: from 3.5 years to 15. Besides that, PNR data will be kept for seven years in "active analytical databases", leading to a big risk of massive profiling, contrary to EU principles.
THIRD COUNTRIES: Parliament strongly opposes to the fact that third countries in general may be given access to PNR data if adhering to specified conditions by the US government. The EU has accepted "not to interfere" concerning the protection of EU citizens' PNR data shared by the US with third countries.
Finally, MEPs demand the Commission to clarify Commissioner Frattini's statements regarding the possible creation of an EU PNR system to be used in Europe and called national parliaments of Member States to examine the present draft agreement carefully.
European Parliament press release
Statewatch News online | Join Statewatch news e-mail list | EU research resources: Joint online subscription
Statewatch does not have a corporate view, nor does it seek to create one, the views expressed are those of the author. Statewatch is not responsible for the content of external websites and inclusion of a link does not constitute an endorsement.