Europe sets minimum PNR standards
Transfers for terror and serious crime only
Agentless Backup is Not a Myth
The European Commission has set minimum standards under which countries should agree to exchange airline passenger name information with nations outside the EU.
The guidelines will underline new Passenger Name Record agreements with Australia, Canada and the US.
EU Commissioner for Home Affairs Cecilia Malmström said PNR deals had proved useful in fighting terrorism and serious transnational crime but raised important issues for the protection of personal data.
At the moment exchange of passenger data is carried out according to individual agreements with each country.
Any future deals should conform to certain general principles:
Data should only be used to fight terrorism and serious transnational crime.Data should be limited to that useful in fighting those types of crime, and should be clearly specified by the agreement.
Passengers should not be prevented from boarding by automated checks alone.
Any country receiving and storing PNR data must ensure high standards of data protection.
Periods of retention should be limited.
There should be oversight that the agreement is being followed.
There should be reciprocity between countries.
The full statement is here. ®
COMMENTS
Dumbasses in the EU Alert
The 'Mercans will never allow another country/coalition to do this.
Full stop.
Hmmmm. I can see it now
Data should only be used to fight terrorism and serious transnational crime.
and of course the defintion of what is 'terrorism' and 'transnational crime' will not be stretched until it covers virtually any crime anywhere.
Data should be limited to that useful in fighting those types of crime, and should be clearly specified by the agreement....and will not of course be 'everything, cos you never know might be useful'
"Passengers should not be prevented from boarding by automated checks alone."
"We just have some manual checks to complete. Don't worry Sir. The checks won't take long. Can you come back tomorrow?"
Any country receiving and storing PNR data must ensure high standards of data protection.
"Memory sticks are just fine. just make sure you don't loose them"
Periods of retention should be limited.
"20 years long enough?"
There should be oversight that the agreement is being followed.
"Wayhay. More oveseas trips by auditors on expense accounts"
There should be reciprocity between countries.
And the recoprocity agreement will last just as long as the first request of data "or we will not let you aircraft land on pur soil" threat is issued."
Oh and if they fail to honour the rules?
OK I can see the logic to having a standard form of agreement throughout the EU and it's encouraging that the EC has taken on board some of the reservations about the current situation; but how do they propose to enforce these rules? I can't see the EU refusing to let people either in or out of the EU just because another country does not live up to our standards and requirements. As with the US/GB extraditon treaty the table seems to be tilted in favour of the US, so how is reciprocity to be enforced and who in the world is going to police all this? The parties themselves? That's not a runner as far as I can see, more likely it will be a case of "you scratch my back..." Maybe the whole agreement will be overseen by a third party committee or something but again, who will do this.
To my mind this is window dressing to keep the general public quite whilst business goes on as usual.
IT infrastructure monitoring strategies
Agentless Backup is Not a Myth
Steps to Take Before Choosing a Business Continuity Partner
Enabling efficient data center monitoring
Requirements Checklist for Choosing a Cloud Backup and Recovery Service Provider
