SWEDEN: Authorities waiting for EU PNR Directive to upgrade passenger surveillance systems

Support our work: become a Friend of Statewatch from as little as £1/€1 per month.

Police seeking information on airline passengers in Sweden have to receive it by fax or collect it from airlines in person, but are apparently waiting for EU legislation on Passenger Name Records before setting up digital databases.

According to a report in The Local:

"Sweden is in the spotlight for failing to introduce a digital database to help airlines share passenger lists with police, despite EU regulations dating back to 2004, which call for the automatic transfer of customer information.

"Under Swedish law, police can ask airlines to provide access to passenger lists in advance of flights taking off, but this information has to be faxed over or collected from airline offices in person, whereas in most major EU nations it can be automatically passed on via secure digital databases set up following a 2004 EU directive.


"But Sweden's Home Affairs Minister Anders Ygeman blamed Swedish police and the EU for the situation when contacted by The Local.

"'We have the legislation to do it [set up the database] but the police have chosen not to make it automatic yet,' he said.

"The minister said that things were set to change when new EU legislation on passenger name records came into force."

The 2004 API (Advance Passenger Information) Directive (pdf) was passed following the Madrid train bombings in 2003 and requires the transmission by air carriers of various pieces of information regarding individuals and flights:

  • the number and type of travel document used;
  • nationality;
  • full names;
  • date of birth;
  • border crossing point of entry into the Member States;
  • code of transport;
  • departure and arrival time of the transportation;
  • total number of passengers on the transportation; and
  • the initial point of embarkation.

    Sweden is not the only country that has failed to properly implement the Directive. A 2012 evaluation (pdf) carried out for the European Commission found that "the vast majority of Member States' legislation is not fully in conformity with the Directive."

    The Directive only covers flights entering the EU, but the UK recently proposed (pdf) a new legal framework that would oblige airlines to pass on information relating to intra-EU flights as well.

    The proposed PNR Directive, meanwhile, requires the transmission of personal information gathered by travel agents and airlines during the sale and processing of a travel ticket.

    MEPs in the Parliament's Civil Liberties Committee blocked the measure in 2013 and are now under significant pressure to reach agreement with the Council. MEPs have called (pdf) for talks on the PNR Directive to go "hand-in-hand" as those on the new Data Protection Regulation.

    However, Sweden has also received over €1 million from the European Commission for the development of a national Passenger Information Unit (PIU), which would be responsible for receiving and processing Passenger Name Records and developing profiles in an attempt to find people who may be involved in terrorism and serious crimes.

    14 Member States have received funds totalling €50 million from the Commission, and there is a long-term goal to interconnect national PNR systems. Sweden may not have to wait for EU legislation to enhance its surveillance and profiling of air travellers.

    Further reading

  • 'Travel surveillance: Commission attempts to soothe PNR critics with "workable compromise"', Statewatch News Online, January 2015
  • 'Travel surveillance: PNR by the back door', Statewatch News Online, October 2014

    Our work is only possible with your support.
    Become a Friend of Statewatch from as little as £1/€1 per month.


    Spotted an error? If you've spotted a problem with this page, just click once to let us know.

    Report error