Feeds

EC broke rules over passenger data, Parliament told

As data sharing deal nears renewal

Providing a secure and efficient Helpdesk

The European Commission "clearly breached" its obligations when it agreed a passenger data sharing scheme with the US, the European Parliament has been told. The opinion was given just as negotiations on a new deal are begun.

It also emerged that the US does not believe that it needs a new data sharing deal in order to demand details on Europeans flying into the US.

Passenger details, known as the passenger name record (PNR), are passed to US authorities by airlines in a deal brokered by the European Commission but long opposed by the European Parliament as a breach of European privacy and data protection rules.

Spiros Simitis, a data protection expert which advises the commission, told a Parliament hearing this week that the commission has "clearly breached its obligations" in the deal it cut with the US over PNR. The law says that in order to obtain and process personal data, an authority must state an exact purpose for it.

"Undefined terms like 'terrorism' and 'public interest' are completely counterproductive and inadmissible for any functioning data protection rules," he said.

The current, temporary deal expires in July and negotiations between the commission and the US on a new, long-term deal have just started. One negotiator involved in the process, Hans Jurgen Forster, told the Parliament that "people expected the negotiations to be difficult and they are".

He said the US is even beginning to refuse to concede the need for a deal at all. "The US doubt the need for a new PNR agreement. They even think a short extension of the existing interim agreement is unnecessary," he said.

There is a possibility that an open skies agreement on transatlantic air travel, which has some security provisions, could be used by the US as a replacement deal to the PNR agreement, warned some MEPs.

The Parliamentary session was a hearing of the Committee on Civil Liberties, Justice and Home Affairs. That committee's chair, Greek MEP Stavros Lambrinidis, said he was concerned not only about the volume of data being passed to the US, but about what it is used for. "The transfer of PNR data has only been scrutinised by the Parliament once, and we were critical about it. We ask to evaluate a future agreement."

Some MEPs said they wanted the new system to include greater controls over European data, including a switch of the data transfer system from being one in which the US has access to any of the data it wants to one which demands that it request any information.

"This would include switching to a 'push' system, so that US officers should have to request data specifically required, case-by-case rather than simply being granted access to the full database and reducing the number of PNR data fields that they can check," said a Parliament statement.

"The switch to the push procedure is urgent, this has been made absolutely clear to the Americans," said Forster. "The US government has indicated a willingness to discuss and draft a list of principles, to see whether additional restrictions to PNR transfer are desirable. The American side is expected to deliver a revised version on the undertakings before we start a second round of negotiations".

Copyright © 2007, OUT-LAW.com

OUT-LAW.COM is part of international law firm Pinsent Masons.

Beginner's guide to SSL certificates

More from The Register

next story
Doctor Who's Flatline: Cool monsters, yes, but utterly limp subplots
We know what the Doctor does, stop going on about it already
Facebook, Apple: LADIES! Why not FREEZE your EGGS? It's on the company!
No biological clockwatching when you work in Silicon Valley
'Cowardly, venomous trolls' threatened with TWO-YEAR sentences for menacing posts
UK government: 'Taking a stand against a baying cyber-mob'
Happiness economics is bollocks. Oh, UK.gov just adopted it? Er ...
Opportunity doesn't knock; it costs us instead
The 'fun-nification' of computer education – good idea?
Compulsory code schools, luvvies love it, but what about Maths and Physics?
Ex-US Navy fighter pilot MIT prof: Drones beat humans - I should know
'Missy' Cummings on UAVs, smartcars and dying from boredom
Sysadmin with EBOLA? Gartner's issued advice to debug your biz
Start hoarding cleaning supplies, analyst firm says, and assume your team will scatter
Don't bother telling people if you lose their data, say Euro bods
You read that right – with the proviso that it's encrypted
prev story

Whitepapers

Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Why cloud backup?
Combining the latest advancements in disk-based backup with secure, integrated, cloud technologies offer organizations fast and assured recovery of their critical enterprise data.
Win a year’s supply of chocolate
There is no techie angle to this competition so we're not going to pretend there is, but everyone loves chocolate so who cares.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.