Wednesday, 14 January 2004

More criticism of European Commission for "deal" on CAPPS-II testing

European Commissioner Frits Bolkestein is under increasing attack for the "deal" he has tried to make to turn over European Union airline passenger data to the USA, first for selling out EU citizens privacy rights, and now for trying to keep the "side agreement" authorizing use in CAPPS-II tests of data from the EU out of the attention of the European Parliament.

In a statement today, the European Digital Rights initiative (EDRi) says:

Commissioner Bolkestein claimed that the use of EU citizen's personal data in the CAPPS-II system was explicitly exempt from the agreement a negotiation group he headed had reached with U.S. authorities. According to Commissioner Bolkestein , this exclusion was prerequisite to the Commission's agreement to the transfer of PNR data to the U.S.: "The arrangement will not cover the US Computer Assisted Passenger Pre-Screening System (CAPPS II)."

Commissioner Bolkestein mentioned CAPPS-II testing only at the tail end of the discusssion in the European Parliament last month, in his final, impromptu responses to questions from MEP's. Presumably, he wouldn't have mentioned it at all had ne not been aksed about it specifically.

Even then he seemed (at least in the initial unoffical transcription and translation) to contradict his official, published report. While saying that CAPPS-II would require a separate agrement, he stopped well short of saying explicitly that such a separate "side agreement" had already been agreed to by the EC:

Ms Buitenweg asked me about CAPPS II. That is not part of the agreement. We have agreed to run a trial, to make a trial run on CAPPS II, but those data will be immediately destroyed and any further exercise involving CAPPS II will be subject to a new and separate agreement.

According to Andreas Dietl, EDRi's EU Affairs Director:

It is a shame that Commissioner Bolkestein has tried to mislead the European Parliament on the nature of the draft agreement dealt out with the U.S. Department of Homeland Security.

It is now clear that the Commission has agreed to the abuse of EU citizen's personal data to test a surveillance system that in its very nature is against the principles of EU data protection legislation. The claim by the U.S. that the data used for testing purposes will be deleted thereafter is merely a joke: The data will still be available in the Computerized Reservation System (CRS), where it can be accessed by government agencies at any time.

In not mentioning this side agreement, Commissioner Bolkestein has come close to lying to the Parliament. If the Commission does not stop the transfer of personal data from the EU now, it is time to take them to the European Court of Justice for breach of Article 25 of the EU Data Protection Directive 95/46/EC.

[Addendum, 15 January 2004: The Register and EurActiv.com have picked up the story. As the typically ascerbic John Lettice writes today in The Register , "Aside from not mentioning this (indeed, implying the contrary) when announcing the agreement, the Commission was silent on whatever safeguards it may or may not have implemented in order for this to have been permitted. There is, one might suspect, a certain implausibility to the US using live data under the public agreement, using the same data under the shadier CAPPS II testing agreement, and then not finding itself (oops...) getting mixed up."]

Link | Posted by Edward on Wednesday, 14 January 2004, 23:04 (11:04 PM) | TrackBack (0)
Comments
Post a comment









Save personal info as cookie?