The EU PNR transmission directive is in the news again, as EU parliament members are accused of ‘playing games’.
Earlier this year, the plans for the introduction of the EU PNR Directive continued to be hotly debated, yet the final drafts were agreed for the vote in the European Parliament. It has been announced that the plans are now subject to further delays following a mass vote against the initiative.
The announcement has created frustration amongst the lawmakers in Europe, who are eager to put an official plan in place to introduce what they are referring to as a ‘critical counter-terrorism tool’.
The controversy has arisen again around the breach of privacy of an individual’s personal information, as PNR data will be retained for airlines for five years, the first six months of which will retain personal identifying data.
This is not to say that information will be accessible by the public, but rather by a specially-created regulating body, specifically detailed to handle the sensitive information.
Passenger Name Records have been in existence for many years, originally being used to assist interlining passengers with baggage transfers. The new directive aims to use PNR information in a similar way to Advance Passenger Information, which is used to screen passengers in advance of international travel.
European Union MEPs last week approved a new ruling in a bid to support the world’s efforts to combat terrorism amidst an ongoing argument from critics against the collection and storage of passenger data. Last month saw serious negotiations and proposed guidelines were publicly released, awaiting approval.
Criticisms of PNR transmission and in particular, the storage of such personal data is not a new occurrence. The European Data Protection Supervisor, Mr Giovanni Buttarelli, said he is ‘uncomfortable with the idea of mass surveillance.’ He, and other critics of passenger information harvesting, believe that a better system would involve the targeting of specific flight categories and destination countries.
The new ruling, now passed as law across the EU, known as the EU Passenger Name Record (PNR) directive, has been in the discussion stages for almost four years, and has been revised following a previous rejection. Since the most recent wave of terrorist attacks in Europe, the directive was again brought up-to-date with additions to security measures, strict handling guidelines and storage rules.
The passenger information must only be accessed to investigate suspected terrorist activity or serious crime, such as people trafficking or exploitation, drug or weapons smuggling or money laundering.
It is also confirmed that data will be de-personalised after 30 days and deleted permanently after a period of five years.
PNR transmission must be handled securely and a strictly structured system is being developed.
Canada is forging ahead in a bid to increase the safety of airline passengers, aircraft and crew. Bill C-51, known as Canada’s Anti-terrorism Act, 2015, is to be tackled in two parts:
- Security of Canada Information Sharing Act
- Secure Air Travel Act
If passed, the current Passenger Protection Program would be enhanced with greater transparency for the sharing of passenger data in a similar system to that used in the U.S. in the transmission of Advance Passenger Information (API). API transmission before a flight leaves for its destination, can allow government agencies to scan passenger data and achieve early alert when comparison is made to a ‘do-not-fly’ list or similarly, a list containing the names of potential terrorists, members of high-risk political or radical groups – a ‘Persons of Interest’ list.
Opposers of the scheme argue that concerns should be raised when information sharing is discussed. It is by no means decided at this stage the grounds on which a person will be placed upon such lists and the government of Canada propose to lower the threshold and expand the grounds on which a person becomes ‘specified’ under the Passenger Protection Program.
The debate continues.