Paris Attacks Used to Justify New Attempt to Harvest Airline Passenger Data

Owen Humphreys/PA Wire URN:15449317 (Press Association via AP Images)
Owen Humphreys/PA Wire via AP

All airline passengers flying in and out of Europe are to have their personal data, including bank details, stored on a police database for up to five years in order to combat terrorism, under new plans from the European Commission. Civil liberties campaigners have lambasted the plans as an incursion of privacy, but Prime Minister David Cameron insisted that failure to enact the plans would put lives at risk.

The proposals, published by the Commission today, bring back to the table previous efforts to collect Passenger Name Records (PNR) from airline companies. The records contain 42 pieces of information on every passenger, including bank card details, home address, phone number, and meal preferences such as halal. They are to be stored on a database by police and security services for up to five years, and ministers plan to share the information with foreign jurisdictions worldwide.

A previous attempt to collect detailed data was blocked in the European Parliament following attempts by European leaders to strike a deal with Canada over the sharing of such information. MEPs were concerned that the data may be shared with jurisdictions such as Korea or Russia.

Last December, Prime Minister David Cameron told European leaders in Brussels: “It is wrong that we can get more information from countries outside the EU than from each other.

“There are three threats – returning fighters; airline plots, and terrorists using air travel – and PNR is a simple way to better protect ourselves from these. Quite frankly, the European Parliament is letting us down in terms of keeping our people safe.”

A Downing Street source added: “They have been trying to find ways to stall and block this. Schultz needs to get the rest of MEPs in the same place.

“It’s frankly ridiculous. MEPs may feel relaxed about putting the safety of EU citizens at risk, but that is because they don’t have to take responsibility and leaders do. It’s not right that they should be stopping this.”

On the day of the Je Suis Charlie unity march in Paris, European Interior Ministers, including Britain’s Home Secretary Theresa May, agreed that their main priority in terms of counter-terrorism was to overturn the European Parliament’s opposition to the data sharing plan.

They issued a joint statement announcing a “crucial and urgent need to move toward a European passenger name record system”.

However, civil liberties advocates are still staunchly opposed. Jan Philipp Albrecht, vice-chairman of the European parliament’s civil liberties committee, said: “The commission plans are an affront to the critics of the European parliament and the European court of justice who have said that data retention without any link to a certain risk or suspicion isn’t proportionate.

“It is an open breach of fundamental rights to blanketly retain all passenger data. Instead of a full take of PNR [passenger name record] data, we need a focus on suspects and risk flights. The Paris attacks have shown that mass retention was not effective in fighting jihadis.

“The proposed surveillance of all travelers is a symbolic measure on the cost of EU citizens’ civil liberties and effective security.”

The plans published today, described as a “workable compromise” by the Commission, include a number of revisions to the proposals put before Parliament previously, such as a reduction in the retention of the full data set from 30 days to 7 days before it is “depersonalised”. It would be retained in such a format for five years. However, depersonalisation only masks the identity of the passenger, but it can be revealed upon application.

Other measures include the introduction of stricter conditions for accessing the records, including the appointment of data protection officers to oversee the records’ use; spelling out passengers rights of access to their own data; and reducing the number of crimes in relation to which the data can be accessed.

In order to circumnavigate opposition in the European Parliament, the new plans also raise the possibility of each member country introducing the measures for flights into and out of their own countries, with an option to review the possibility of tracking internal flights within the EU within two years.

The amendments aren’t enough to satisfy Mr Albrect, who said “It is a joke. They are not safeguards. Depersonalisation does not make the data anonymous. All they have to do is ask a senior officer for the identity to be revealed. What is needed is a targeted approach based on a proper risk assessment of flights to and from different regions and different groups of people.

But his colleague on the European Parliament’s civil liberties committee, British Conservative MEP Timothy Kirkhope, said that the proposals may secure a majority backing. “I want an agreement that safeguards lives and liberties by offering stronger data protection rules whilst also making it much harder for a radicalised fighter to slip back into Europe undetected,” he said earlier this month.

“EU heads of government and home affairs ministers would not ask for this agreement unless there were a clear and present need for it.”