Today, we have a report on a meeting regarding the proposed “EU-US Passenger Data Agreement” (also called the Passenger Name Records, or PNR).
From that report,
“Does the EU-US passenger data deal offer enough safeguards for EU citizens? Is the balance between security and data protection adequate? What are the consequences of saying “yes” or “no” to the agreement? These were the main issues raised by MEPs in a Civil Liberties Committee debate with Commissioner Cecilia Malmström on Monday.
“This agreement is not compatible with EU law”, said rapporteur Sophia in’T Veld (ALDE, NL), asking “what kind of precedent do we create if we accept it?”.
The ALDE, Greens/EFA and GUE/NGL groups shared her views, while EPP and ECR speakers supported the deal, even though “it is not entirely satisfactory”. The S&D group has yet to state its position.
The Civil Liberties Committee will vote on the passenger data agreement with the US on 27 March at 12:00. The plenary vote is foreseen for April.”
Viviane Reding (@VivianeRedingEU), Vice-President of the European Commission and EU Commissioner for Justice, Fundamental Rights and Citizenship has said when “asked about personal data protection in international agreements, such as SWIFT on banking data and air passenger name records (PNR) and the possible use of body scanners in airports. Ms Reding said that “you can be very sure that fundamental rights and data protection will be top of the line. We will not let anyone dictate to us rules that go against fundamental rights on anti-terrorism grounds (…) our need for security cannot justify any violation of privacy. We should never be driven by fear, but by values”
I have further reaction from Vivian Reding regarding PNR in this post on my blog.
I still need convincing that the ‘adequacy’ requirement are up to at least the level EU acquis provides, and other privacy advocates, including Commissioner Cecilia Malmström, do too.
MEP Timothy Kirkhope “favours including intra-EU flights in the legislation. “I do see a clear necessity and added value for a system which also operates for intra-EU flights”“. I do not see any clear necessity or added value in that. Very worryingly, Mr Kirkhope is the Parliament’s rapporteur on PNR. Both Sophie in’t Veld and Timothy Kirkhope can be viewed in the second part of this video talking on the BBC’s The Record program (the first half of the program concerns ACTA)
Privacy group EDRI on PNR: http://www.edri.org/issues/privacy/pnr
Statewatch on “EU-USA-PNR”: http://www.statewatch.org/whatsnew.htm
I do not think that passing legislation that is again not adequate enough to protect EU citisens data from the whims of extra-EU authorities is a good idea.
Until all concern are met, until extra-EU authorities protect EU data at least up to the level it is protected by EU acquis, data transfers should be halted to focus their minds and to force EU citizens’ adequate protections.
EU citizens look like they need to lobby their EPP and ECR MEP’s, for they are the ones who do not seem concerned with PNR privacy requirement. Do it soon, there is not much time.
I’ve touched on these proposed legislation/Treaties concerning the transfer of EU citizens & businesses data outside the EU, and the privacy concerns surrounding the protection of that data up to adequate levels commensurate with EU acquis:
1. regarding the Anti-Counterfeiting Trade Agreement (ACTA): https://awbmaven.wordpress.com/2012/02/15/acta-statement-by-vivianeredingeu-with-my-immediate-observations-including-questions-cc-ralfgrahn-ffii-edri_org/
2. regarding the Police and Criminal Justice Data Protection Directive and its sister, General Data Protection Regulation: https://awbmaven.wordpress.com/2012/02/22/the-eus-police-and-criminal-justice-data-protection-directive-re-personal-information-and-data-cc-acta/
3. Is ‘Safe Harbour’, safe? Does it meet all #EU #acquis (EU laws)? Does, for instance, #Facebook?: https://awbmaven.wordpress.com/2012/02/17/is-safe-harbour-safe-does-it-meet-all-eu-acquis-eu-laws-does-for-instance-facebook/
Some other legislation/Treaties to do with transferring EU data outside the EU (by no means all of them, I will edit and add more as I find them/have time):
General Data Protection Regulation COM(2012) 11 final:
Commission proposes a comprehensive reform of the data protection rules: