European Commission Wants Collection And Retention Of Passenger Data For Everyone Flying In And Out Of Europe

from the open-breach-of-fundamental-rights dept

Another day, another shameless exploitation of the Charlie Hebdo attacks. We've just reported on an EU call for Internet companies to hand over their crypto keys; now the European Commission is trying to push through a requirement for wide-ranging information about everyone flying in and out of Europe to be collected and stored for years. As reported by the Guardian:
The European commission plan to be published on Wednesday would require 42 separate pieces of information on every passenger flying in and out of Europe, including their bank card details, home address and meal preferences such as halal, to be stored on a central database for up to five years for access by the police and security services.
The European Commission calls its plan (pdf) a "workable compromise", and goes on to list revisions that it claims address concerns of the European Parliament's Civil Liberties Committee, which rejected the whole idea of blanket retention of "Passenger Name Records" (PNR) back in 2013. Statewatch provides a summary of the main changes:
Changing the scope from "terrorism and serious crime" to "terrorism and serious transnational crime";

Reference to all the offences covered by the European Arrest Warrant is replaced by "a shorter list of offences that a relevant to transnational travel";

Reducing the retention period of the "full PNR" from 30 days to seven days, and changing the longer "depersonalised" retention period to four years in relation to "serious transnational crime" (it remains five years for terrorism);

"establishing stricter conditions for access to PNR data" including "the appointment of a Data Protection Officer within the national units responsible for the processing of PNR data";

"explicitly spelling out the rights of passengers to have access to their PNR data (retained by the PIU) and to request the modification or erasure of their data";
Whether or not these are enough, the Greens MEP Jan Philipp Albrecht, who is vice-chairman of the European Parliament's Civil Liberties Committee, points out a more fundamental problem with the proposal:
"The commission plans are an affront to the critics of the European parliament and the European court of justice who have said that data retention without any link to a certain risk or suspicion isn't proportionate.

"It is an open breach of fundamental rights to blanketly retain all passenger data," he added.
Albrecht is referring to the important judgment handed down by the EU's Court of Justice last year, which ruled blanket data retention was "invalid". The European Commission is acutely aware of this issue, and says right at the start of the leaked document:
The proposed compromise takes due account of the judgment of the Court of 8 April 2014 on the Data Retention Directive, as far as the judgment appears applicable to PNR.
However, it is by no means clear that the current proposal would in fact be regarded as "valid" by the court. Moreover, the Commission's document admits that it is anyway likely to meet resistance in the European Parliament:
In case the Commission would adopt its revised proposal without an accompanying Impact Assessment, the [European Parliament] or in any case some political groups would likely express their criticism, given the important implications derived on PNR from the [EU Court of Justice] ruling on [Data Retention Directive].
As that indicates, this move is just part of a larger argument within the European Union about how much surveillance of European citizens is appropriate, how long data about them should be retained and with what data protection safeguards. That, in its turn, feeds into even wider discussions with the US over the Safe Harbor agreement, NSA spying and the inclusion (or not) of a chapter on data flows within TAFTA/TTIP and TISA.

Follow me @glynmoody on Twitter or identi.ca, and +glynmoody on Google+

Reader Comments

Subscribe: RSS

View by: Time | Thread


  • icon
    That One Guy (profile), 28 Jan 2015 @ 11:29pm

    Going down the list

    As that indicates, this move is just part of a larger argument within the European Union about how much surveillance of European citizens is appropriate, how long data about them should be retained and with what data protection safeguards.

    That would be:

    1. None whatsoever that isn't related to an active, targeted investigation that has been authorized by a court-approved targeted warrant or similar order.
    2. Only so long as the investigation is ongoing and the data is required, after which all the data collected is purged.
    3. Only those directly involved in a given investigation should be allowed to have access to the data collected during the course of that investigation. If another agency desires access to the information, they should be required to go through the same steps they would if they were starting from scratch, and are barred from arguing that just because the other agency has access, they should too.

    Any agency found in possession of collected data, and that hasn't gone through the proper steps to gain authorized access to it will have those in charge of the agency, and the 'lower ranked' employees involved, removed from office and sentenced to 1-10 years in prison, depending on the severity of their actions, with a minimum one year sentence. Once their sentence is over, they will be released, though barred from serving running for, or serving in, public office for the rest of their life.

    The above seem like fair rules to me, though for agencies used to doing whatever they want, laws and rights be damned, I imagine the above would be seen as insane and ludicrously restrictive. How are they supposed to (fail to) find terrorists if they can't spy on everyone, all the time after all? /s

    reply to this | link to this | view in chronology ]

    • icon
      Ninja (profile), 29 Jan 2015 @ 5:17am

      Re: Going down the list

      The punishment you proposed seems kind of harsh for me. You could add softer options such a fine and a ban from working for the Government. Errors may occur.

      Still, this is all pretty and cool but this would need to be introduced by the same idiots that support the current system...

      reply to this | link to this | view in chronology ]

      • icon
        That One Guy (profile), 29 Jan 2015 @ 5:41am

        Re: Re: Going down the list

        The punishment is meant to be harsh, in part because I am so gorram sick of government and/or public officials pulling the 'Ooops, my bad' excuse when they get caught doing something, and then getting nothing more than a slap on the wrist for their actions. The other reason is to give some real incentive for those running an organization to make absolutely sure that they do not allow such actions to occur in their organization.

        I suppose if it could be conclusively proven that those in charge of an organization were not aware of the existence of 'unauthorized' data on their systems, then a hefty personal fine, loss of position, and being barred from any government in the future, while those that did know would still face the jail time, could make for an acceptable alternative, it's just with wiggle room like that you'd have nothing but 'See no evil, hear no evil' bosses, who intentionally made sure to remain as clueless as possible regarding what their department/organization was doing. This is why I feel they have to face some sort of punishment, even if they 'didn't know', to give them incentive to keep such activity from happening.

        As for your second point, while true, if you could only propose ideas that would be acceptable to the current batch of parasites, then pretty much anything other than 'Give the government more power' would be disqualified right off the bat, because anything less would be considered unacceptable to them.

        reply to this | link to this | view in chronology ]

        • identicon
          Cassie, 29 Jan 2015 @ 8:17am

          Re: Re: Re: Going down the list

          I feel there should be softer consequences, but only based on what the persons contribution to the activity is. Because with the wonderful setup you paint, even the secretary who may have heard of it, but had no part in it would have to face a year in jail and what not. We shouldn't punish those who had no part to play other than " This person had minimal knowledge of the plot" because then we would only be forcing offices to empty out every time something came to light. Every office has a secretary who hears everything, yet knows nothing of real value. ( Note: I only say secretary because that's an easy enough example for me to come up with)

          reply to this | link to this | view in chronology ]

          • icon
            That One Guy (profile), 29 Jan 2015 @ 9:16am

            Re: Re: Re: Re: Going down the list

            Hmm, how about this: The bosses of a particular agency will always be punished, jail if involved, personal fines if proven that they knew nothing(with the range of jail/fine sentencing dependent on involvement and severity of the action), loss of position and barred from government work either way. This is to motivate them to keep on eye on their subordinates, and do their hardest to stay withing the rule/law.

            Now it may seem unfair to hold them accountable for what their subordinates do, even if they aren't aware of it, but if the boss doesn't know what's going on, then either they are intentionally keeping themselves in the dark, or they're incompetent, and in either case, they need to be removed from their position and replaced.

            Subordinates will only suffer the penalty if they were involved. General, vague knowledge wouldn't count, they would have to be either directly involved with the action, or have sufficient evidence proven that they knew what was going on to also be subject to the punishment.

            reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 29 Jan 2015 @ 4:17am

    One of the key things is that the European Commission is almost entirely unelected, whereas the European Parliament is not. This is supposedly to reduce the change of populist legislation form getting through.

    However, it seem that the EP is reining in the worst excesses of the EC. IT's going to be interesting in those countries running European elections this year as to how it's going to proceed.

    I would recommend that the unelected EC have a power reduction at the moment, as it's currently being corrupted by outside (often corporate) interests.

    reply to this | link to this | view in chronology ]

  • icon
    JarHead (profile), 29 Jan 2015 @ 4:22am

    Seems to me the western world is making itself a perfect target for terrorist of any stripe. All it takes is one successful attack and all the cockroaches come scurrying for cover, making things worse for all the citizens. Sometimes needing less than a successful attack. Any impact is amplified hundredfold.

    What a perfect target

    reply to this | link to this | view in chronology ]

    • icon
      Padpaw (profile), 29 Jan 2015 @ 4:29am

      Re:

      It is interesting how these terrorist attacks do nothing for the terrorists causes but instead support and benefit the fascists trying to take control and remove citizens everyday rights

      reply to this | link to this | view in chronology ]

  • icon
    Padpaw (profile), 29 Jan 2015 @ 4:28am

    I already know fellow Canadians avoiding ever visiting the States for how they run things, be interesting if we have to start adding parts of the EU to that never visit again list.

    reply to this | link to this | view in chronology ]

  • identicon
    LOL, 29 Jan 2015 @ 5:46am

    All because of Charlie Hebdo. I knew they were going to use it as an excuse for more control.

    Children.

    Terrorism.

    Piracy.

    reply to this | link to this | view in chronology ]

    • icon
      That One Guy (profile), 29 Jan 2015 @ 5:58am

      Re:

      'Because of'? Not really, they're just using it as an excuse, if it hadn't happened, they would use some other excuse to try and get this rot through.

      reply to this | link to this | view in chronology ]

  • icon
    DannyB (profile), 29 Jan 2015 @ 6:06am

    As long as they store the data in Write Only Memory

    I don't mind if they collect and retain data as long as they store it in Write Only Memory.

    reply to this | link to this | view in chronology ]

  • icon
    sorrykb (profile), 29 Jan 2015 @ 9:49am

    So much cynicism

    The European commission plan to be published on Wednesday would require 42 separate pieces of information on every passenger flying in and out of Europe, including their ...meal preferences...

    Have you even considered that maybe they're just trying to make sure they'll have the right food ready for us when we're detained indefinitely?
    This is what happens when you try to pay attention to your customers' needs... Geez.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 29 Jan 2015 @ 1:11pm

    I think it's horrible mass surveillance policies like this that are pushing more people towards extremism. I find it rather ironic that policies which are meant to reduce extremism, are actually increasing it.

    reply to this | link to this | view in chronology ]

  • identicon
    Personanongrata, 29 Jan 2015 @ 3:53pm

    Welcome to Europe....

    The Gestapo rides again.

    Your papers, please.

    reply to this | link to this | view in chronology ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Use markdown for basic formatting. HTML is no longer supported.
  Save me a cookie
Follow Techdirt
Techdirt Gear
Shop Now: Techdirt Logo Gear
Advertisement
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Advertisement
Report this ad  |  Hide Techdirt ads
Recent Stories
Advertisement
Report this ad  |  Hide Techdirt ads

Close

Email This

This feature is only available to registered users. Register or sign in to use it.