European Commission Wants Collection And Retention Of Passenger Data For Everyone Flying In And Out Of Europe
from the open-breach-of-fundamental-rights dept
The European commission plan to be published on Wednesday would require 42 separate pieces of information on every passenger flying in and out of Europe, including their bank card details, home address and meal preferences such as halal, to be stored on a central database for up to five years for access by the police and security services.The European Commission calls its plan (pdf) a "workable compromise", and goes on to list revisions that it claims address concerns of the European Parliament's Civil Liberties Committee, which rejected the whole idea of blanket retention of "Passenger Name Records" (PNR) back in 2013. Statewatch provides a summary of the main changes:
Changing the scope from "terrorism and serious crime" to "terrorism and serious transnational crime";Whether or not these are enough, the Greens MEP Jan Philipp Albrecht, who is vice-chairman of the European Parliament's Civil Liberties Committee, points out a more fundamental problem with the proposal:
Reference to all the offences covered by the European Arrest Warrant is replaced by "a shorter list of offences that a relevant to transnational travel";
Reducing the retention period of the "full PNR" from 30 days to seven days, and changing the longer "depersonalised" retention period to four years in relation to "serious transnational crime" (it remains five years for terrorism);
"establishing stricter conditions for access to PNR data" including "the appointment of a Data Protection Officer within the national units responsible for the processing of PNR data";
"explicitly spelling out the rights of passengers to have access to their PNR data (retained by the PIU) and to request the modification or erasure of their data";
"The commission plans are an affront to the critics of the European parliament and the European court of justice who have said that data retention without any link to a certain risk or suspicion isn't proportionate.Albrecht is referring to the important judgment handed down by the EU's Court of Justice last year, which ruled blanket data retention was "invalid". The European Commission is acutely aware of this issue, and says right at the start of the leaked document:
"It is an open breach of fundamental rights to blanketly retain all passenger data," he added.
The proposed compromise takes due account of the judgment of the Court of 8 April 2014 on the Data Retention Directive, as far as the judgment appears applicable to PNR.However, it is by no means clear that the current proposal would in fact be regarded as "valid" by the court. Moreover, the Commission's document admits that it is anyway likely to meet resistance in the European Parliament:
In case the Commission would adopt its revised proposal without an accompanying Impact Assessment, the [European Parliament] or in any case some political groups would likely express their criticism, given the important implications derived on PNR from the [EU Court of Justice] ruling on [Data Retention Directive].As that indicates, this move is just part of a larger argument within the European Union about how much surveillance of European citizens is appropriate, how long data about them should be retained and with what data protection safeguards. That, in its turn, feeds into even wider discussions with the US over the Safe Harbor agreement, NSA spying and the inclusion (or not) of a chapter on data flows within TAFTA/TTIP and TISA.
Follow me @glynmoody on Twitter or identi.ca, and +glynmoody on Google+