A leading Member of the European Parliament (MEP) has said that she will not be silenced on the shortcomings of a new deal to pass European airline travelers' information to the United States.
Dutch Liberal MEP Sophie In't Veld made the comments on Friday after the European Commission issued a press release extolling the virtues of the Passenger Name Register (PNR) agreement. Parliamentarians have been banned from talking about the content of the deal or making notes on the document and may only read it in a "sealed room."
In't Veld believes this is ridiculous. "This is highly unfortunate. MEPs can read it, but citizens should also have access to what is decided about their rights. I don't feel particularly bound to any confidentiality, especially as the Commission has been making public statements, why should I be quiet about it? The whole situation is not very confidence inspiring," she said.
Others in the Parliament have described the state of affairs as "absurd." The Commissioner responsible for the negotiations, Cecilia Malmström, only briefed Parliamentary representatives on Tuesday -- almost a full week after she spoke with a German newspaper. "Even at that meeting, the Commission only distributed copies of the articles Malmström likes to present as improvements, not the whole text of the agreement," said a Parliament source.
The agreement would require airlines to send information -- including telephone numbers, email addresses and even credit card data -- about passengers to the Department of Homeland Security in the U.S. This information would then be stored for up to 15 years. The Commission claims the latest text is "privacy-friendly" as the data will be de-personalized after six months and moved to a 'dormant database' after five years.
But this has not persuaded many MEPs. "The 'new EU-US PNR' agreement presented is nothing more than a repackaging of the old agreement and fails to address the fundamental rights concerns repeatedly raised by the European Parliament and various European courts. They have tried to make it look better, but have only made cosmetic changes. The substance of blanket data retention has remained. The Commission also paid for these changes with concessions to the U.S. and there is now widened scope on border checks," said German Green MEP Jan Philipp Albrecht.
In his opinion, the agreement still violates E.U. data privacy rules and could come up against opposition from constitutional courts in member states. "Even if they say personal data will be 'anonymized' after six months, the U.S. still keeps all the records for 15 years. This goes way beyond what is allowed by the E.U. treaties. I think it likely that Germany may block the deal as it violates fundament rights. When looking at transposing the Data Retention Directive, the German Constitutional Court ruled that even six months blanket retention is not compatible with German law. So when it comes to 15 years, there could be a major problem between the German court and the E.U. legislator. And I think other member states will have trouble with it too," continued Albrecht.
Despite widely held concerns among MEPs and civil liberties groups, such as EDRi, the European Parliament is nonetheless likely to pass the latest text. There is little public awareness about the issue and the two biggest groups will probably vote for it to avoid any trans-Atlantic bad feeling, said Albrecht. However, he and In't Veld stressed that this is a big civil liberties issue as citizens have the right to know what is being done with their information and the new text still raises many privacy concerns.
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.