Wednesday, 10 March 2004
European Parliament reaffirms rejection of USA demands for airline reservations
In response to a report and recommendations on the implementation of the 1995 European Union Data Protection Directive, the European Parliament has overwhelmingly reiterated its finding on airline reservation data that:
National and European laws on the transfer of personal data to third countries have been flagrantly breached by the transfer of transatlantic passengers' personal data to the US law-enforcement authorities, and ... the attitude of the [European] Commission, the Member States and some privacy protection authorities - particularly those which under national law have the power to block data transfers - has been basically to connive at this violation of the law and of the principle of legality....
As stated in ... the opinions of the Article 29 Working Party [of European Union national data protection authorities] and the report of the EU network of experts on human rights, EU data protection standards are seriously infringed when personal data are, without informing and obtaining the consent of the data subject, transferred or accessed directly and systematically by a third state party or law-enforcement authority, notably when data are collected for another purpose and without judicial authorisation, as in the case of US authorities accessing transatlantic passenger data collected in the EU by airline companies and electronic reservation systems;
The draft resolution was adopted unanimously by the EP Committee on Citizens' Freedoms and Rights, Justice and Home Affairs (LIBE), and was reported by Statewatch to have been approved by vote of 439 to 39, with 28 abstentions, by the full European Parliament at its plenary session on 9 March 2004.
The Committee on Legal Affairs and the External Market, whose recommendations were also solicited by Parliament and included in the report, also unanimously agreed that it "Reiterates the call made by the European Parliament in its resolution on the transmission.on of personal data by airlines in the case of transatlantic flights and expresses its wish to see that call implemented."
And the "Explanatory Statement" by Member of the European Parliament and the LIBE Committee and rapporteur Marco Cappato (whose complaint against USA-based airlines for illegally giving his reservations for flights between Brussels and Washington to the USA Department of Homeland Security, and possibly other unknown entities in the USA, has been upheld by the Belgian privacy law enforcement agency), noted that:
Commissioner Bolkestein stated at the joint meeting of the Committee on Legal Affairs and the Internal Market and the Committee on Citizens' Freedoms and Rights, Justice and Home Affairs which took place on 1 December 2003 that the accessing by US authorities of personal data on passengers on Transatlantic flights was 'illegal'. Stefano Rodotà, the Italian privacy guarantor and chairman of the Article 29 Group asserted at the same meeting that some national guarantors could have brought injunctions against the airline companies to suspend the transfer of data, but decided not to do so. Your rapporteur is greatly alarmed at the fact that when faced with a clear breach of European and national law and of the fundamental right to privacy, those institutionally responsible for ensuring observance of those laws and rights failed to do this and in essence became instrumental in violations of the law.... In view of the sensitivity of the information exchanged, the minimum rule that must be established is the application of a democratic clause prohibiting the transfer of data to states that do not respect basic human rights and freedoms, democracy, [and] the rule of law.
As Statewatch pointed out in reporting the EP vote on this resolution, "At the end of this month the European Parliament will be asked to vote again on the question of whether or not the USA offers 'adequate' protection of data for EU citizens flying there." The USA has promised explicitly to honor such a vote, at least with respect to testing and use, with reservation archives and databases that include data from the EU, of the CAPPS-II airline passenger profiling and monitoring system.
Further consideration in the LIBE Committee of the specific issue of PNR data transfers to the USA is now scheduled for Wednesday, 17 March 2004, in Brussels. The schedule of future EP votes will be determined by when the European Commission finalizes its proposed agreement with the USA on uses of reservation data.
But the overwhelming vote on this week's resolution underscores the clear consensus in the European Parliament against the use of EU airline data in such surveillance schemes -- notwithstanding the clearly illegal "deal" which another branch of the EU, the European Commission, had its arm twisted by the USA to approve.
If the USA really intends to keep its promise to get EP approval before testing or deploying CAPPS-II, this week's EP vote makes plainer than ever that the first step needs to be adoption in the USA of a Federal privacy law for travel records that meets EU (and Canadian and other countries') standards of "adequacy" in accord with international norms.Link | Posted by Edward on Wednesday, 10 March 2004, 22:58 (10:58 PM)