On 25 November the European Parliament voted, by 383 votes to 271, in favour of a resolution to refer the EU-Canada agreement on Passenger Name Records (PNR) to the European Court of Justice (CJEU). The CJEU will now decide on the compliance of the agreement with EU law, in particular the Charter of Fundamental Rights. As explained in previous EDRi-gram articles, PNR data has become an attractive and invasive source for governments to obtain personal data.
The European executive on Wednesday called for the prompt passage of legislation to collect and retain information on anyone flying into or out of the EU, as part of a package of counter-terror policies following the jihadi attacks in Paris and alleged foiled terrorist murders in Belgium.
A European commission note seen by the Guardian calls for the swift adoption of the collection of passenger name records, including bank details, mobile numbers and meal preferences, for those flying in and out of the EU and their retention for up to five years for access by the police and security services.
On 26 February 2015, MEP Timothy Kirkhope presented to the European Parliament’s Committee on Civil Liberties (LIBE) a revised draft of the European Union Passenger Name Records proposal (see revisions here).
Unfortunately, this latest revision to the PNR proposal doesn’t make many improvements when it comes to protecting private information. To make matters worse, several MEPs have proposed extending this type of data collection to other means of transport. This reinforces our concern that adoption of the PNR proposal could lead to the normalisation of mass surveillance, spreading to other areas of EU citizens’ personal life.
On Wednesday, the European Parliament’s Committee on Civil Liberties (LIBE) adopted the EU Passenger Name Records (EU-PNR) directive proposal, presented by Rapporteur Timothy Kirkhope, a conservative MEP from the UK.
The EU-PNR directive would establish the systematic collection, retention, and analysis of passenger data for everyone flying into or leaving the EU. Passenger data contains a plethora of personal information, such as passengers’ personal and contact details, itinerary, payment methods, and sometimes even car and hotel bookings.