28 March 2012
USA to use EU PNR data
for CAPPS II testing despite assurances the agreement would not
Nuala O'Connor Kelly, Chief Privacy Officer, Department of Homeland Security in the USA has said that EU-USA agreement on access to PNR (Passenger Name Record) authorises the use of the data for CAPPS-II (passenger profiling and surveillance system) testing. This statement is in direct contrast to the statement made by EU Commissioner Bolkestein to the European Parliament in 16 December when he said that the agreement did not cover CAPPS II and there was no mention at all of the use of EU data for testing. The statement by Kelly also suggests that the full use of PNR data for use with CAPPS II is only a matter of time. See: CAPPS II
Commissioner Bolkestein told the European Parliament on 16 December that:
"The third important success we achieved is that the arrangement will not cover the US Computer Assisted Passenger Pre-Screening System (CAPPS II). The latter will only be considered in a second round of discussions yet to come. In any case, such discussions can only conclude once Congress' privacy concerns have been met, and so far they have not.
In concluding my last round of discussions with Mr Ridge,
I informed him that in the light of the narrower uses for PNR,
the exclusion for now of CAPPS II and all the other improvements
they had made, I was prepared to propose that: The Commission
make a finding of adequate protection with regard to transfers
of PNR to the US Bureau of Customs and Border Protection. The
Commission gave its agreement to this proposal today."
Full-text of e-mail to Edward Hasbrouck:
There should not be any conflicting reports on the use of the data under the agreement with the European Union; I was part of the briefing and it was quite clear: The language of the agreement contemplates the use of data to test - and only to test - CAPPS II.
We also stated publicly that we will immediately begin follow-on discussions with the EU in order to establish a framework for the transfer of PNR data for use by CAPPS II operations once the system has been fully developed and deployed.
Nuala O'Connor Kelly, Chief Privacy Officer, Department of
Homeland Security, Washington, DC 20528
(202) 772-9848 (voice) (202) 772-5036 (fax)"
The present agreement, which still has to be formalised and the European Parliament consulted, only covers access to PNR of passengers boarding a flight to the USA (so-called "wheels up" data). In reality the USA currently has direct access to the reservation database of many national airlines in the EU which means that US agencies have access to those who have booked a flight in advance of boarding. The effect of CAPPS II will allow the pre-screening of passengers who have booked a flight in order to run security checks on them and deny boarding to those suspected of terrorism or other crimes. Internationally this is known as APIS (Advance Passenger Information System) which screens all passengers and give a "green" for allowed to board, a "yellow" for keep under surveillance on landing and "red" for denial of boarding.
The US plans would not only screen passengers arriving in the USA but would also track their movements in the country.
Andreas Dietl, EU Affairs Director of data privacy watchdog European Digital Rights, comments:
"Either Commissioner Bolkestein has been lying to the Committees of the European Parliament, or the U.S. Administration is re-interpreting the outcome of the negotiations. This is just one more indication that, once the data has reached the U.S., it will inevitably, like in a Maelstrom, end up in surveillance networks where it can never be controlled according to EU law. CAPPS-II data is fed directly into the US-VISIT database network, which grants access to a whole range of government agencies, including all secret services. If the Commission cannot assure that the data will be treated in the U.S. in a manner compliant with EU law, it has the obligation to halt its transfer immediately."
Spotted an error? If you've spotted a problem with this page, just click once to let us know.
Statewatch does not have a corporate view, nor does it seek to create one, the views expressed are those of the author. Statewatch is not responsible for the content of external websites and inclusion of a link does not constitute an endorsement. Registered UK charity number: 1154784. Registered UK company number: 08480724. Registered company name: The Libertarian Research & Education Trust. Registered office: c/o MDR, 88 Fleet Street, London EC4Y 1DH, UK. © Statewatch ISSN 1756-851X. Personal usage as private individuals "fair dealing" is allowed. We also welcome links to material on our site. Usage by those working for organisations is allowed only if the organisation holds an appropriate licence from the relevant reprographic rights organisation (eg: Copyright Licensing Agency in the UK) with such usage being subject to the terms and conditions of that licence and to local copyright law.