European Union MEPs last week approved a new ruling in a bid to support the world’s efforts to combat terrorism amidst an ongoing argument from critics against the collection and storage of passenger data. Last month saw serious negotiations and proposed guidelines were publicly released, awaiting approval.
Criticisms of PNR transmission and in particular, the storage of such personal data is not a new occurrence. The European Data Protection Supervisor, Mr Giovanni Buttarelli, said he is ‘uncomfortable with the idea of mass surveillance.’ He, and other critics of passenger information harvesting, believe that a better system would involve the targeting of specific flight categories and destination countries.
The new ruling, now passed as law across the EU, known as the EU Passenger Name Record (PNR) directive, has been in the discussion stages for almost four years, and has been revised following a previous rejection. Since the most recent wave of terrorist attacks in Europe, the directive was again brought up-to-date with additions to security measures, strict handling guidelines and storage rules.
The passenger information must only be accessed to investigate suspected terrorist activity or serious crime, such as people trafficking or exploitation, drug or weapons smuggling or money laundering.
It is also confirmed that data will be de-personalised after 30 days and deleted permanently after a period of five years.
PNR transmission must be handled securely and a strictly structured system is being developed.