The European Parliament’s civil liberties committee has voiced concern that the European Commission is delaying proposals for a global agreement on exchanging data about airline passengers.
In the absence of such an agreement, the airlines operating in the EU are continuing to pass on to the likes of the United States, Canada and Australia passenger name records (PNR), despite the disapproval of MEPs.
The civil liberties committee and the EU’s data-protection experts believe the current practices breach EU data-protection rules. A 2007 EU-US accord, an EU-Canada accord from 2005 and an EU-Australia accord from 2008 are in force on an interim basis.
The Parliament and national data-protection supervisors claim that EU rules prohibit the sharing of information collected on citizens from EU countries with non-EU countries, including PNR data. The data collected include meal preferences, name, method of payment for the flight and frequent-flyer data.
The Commission had agreed in May that it would come up with proposals by mid-July as to how it would ease the European Parliament’s data privacy concerns.
Sophia in ’t Veld, a Dutch Liberal MEP, told European Voice that on Monday (12 July), at its last meeting before the summer break, the committee was expecting to hear why the measures have now been delayed until September or October.
“We have a lot of understanding for the European Commission but it is a matter of courtesy at best to inform the European Parliament as to why,” said in ’t Veld, who is handling the PNR issue for the Parliament.
US data-sharing deal faces legal challenge
MEPs unhappy with a new EU-US deal on sharing banking data are warning that even if it comes into effect it might still face a legal challenge at the European Court of Justice.
The Parliament will vote on a new regime for the transfer of banking data today (8 July) and the three biggest political groups, the centre-right European People’s Party (EPP), the Socialists and Democrats (S&D) and the Alliance of Liberals and Democrats (ALDE), are all backing it.
But Jan Philip Albrecht, a German Green MEP, said: “There has to be a judicial examination.” Sophia in ’t Veld, a Dutch Liberal MEP, said that even though she supported the compromise deal as a whole, she felt the deal was “not legally watertight” and was likely to be challenged in court. “I would be very surprised if it was not,” she said.
Alexander Alvaro, a German Liberal MEP who guided the accord’s consent procedure through Parliament, said that he believed the agreement would hold up in court, but said that co-ordinators in the civil liberties committee would decide next week (12 July), after today’s vote, whether to ask for a legal opinion from legal experts.
The deal, which was concluded between the EU and US on 28 June, would revise the arrangements governing how the EU oversees the work of the US Terrorist Finance Tracking Programme (TFTP), which was set up by the US Treasury after the 2001 terrorist attacks to hunt down suspect terror groups and their financial backers.
The TFTP sifts through data on thousands of international bank transfers made by SWIFT, a Belgian-based financial consortium.
The Parliament forced a renegotiation of the SWIFT agreement after MEPs rejected an initial accord in February, arguing that it contained too few guarantees protecting data privacy rights of Europeans.
Under the changes, EU officials will be sent to observe how American counter-terrorism officials extract and review data sent to them via the TFTP.
On the European side, the European Police Office (Europol) will be tasked to review each US request for data to see if it complies with EU data protection rules. The European Commission will also have to present plans to set up an EU counterpart to the US TFTP, which is supposed to ensure less bulk data on Europeans are sent to the US within a year of the pact coming into force.
Albrecht said that judges and legal experts rather than police officials at Europol should decide on the data transfers.
Several MEPs doubt whether Europol is best placed to judge what data are sent to US authorities and whether it has the legal right to do so under the EU treaty. Stavros Lambrinidis, a centre-left MEP who was part of the Parliament’s negotiating team on the new accord, acknowledged that Europol “is hardly the ideal EU body to conduct the initial review of US data requests”.
In May, the MEPs opted to postpone a final-consent vote on the 2007 EU-US accord on the transfer of PNR data, so as to give the Commission more time to meet their demands that it overhaul the way data are transferred and limit their use, respecting the privacy rights of Europeans.
In ’t Veld warned that MEPs might yet go for a “guillotine option”, putting a vote back on the agenda if the Commission does not come up with its plans soon. Cecilia Malmström, the European commissioner for home affairs, however, said that the reasons for the delay were purely technical. She said that officials were “extremely busy” trying to complete the proposals.
The Parliament has asked the Commission to renegotiate its agreements with the US, Australia and Canada to bolster data-protection rights. It also called for the Commission to seek a single international PNR accord and to come up with a single PNR regime for EU countries.