Opinion of the European Data Protection Supervisor on the Proposal for a Directive of the European Parliament and of the Council on the use of Passenger Name Record data for the prevention, detection, investigation and prosecution of terrorist offences and serious crime.
The EDPS welcomes the fact that he was consulted by the Commission. Already before the adoption of the Proposal, the EDPS was given the possibility to give informal comments. Some of these comments have been taken into account in the Proposal, and the EDPS notes that globally speaking data protections safeguards in the Proposal have been strengthened. Remaining concerns are however still present on a number of issues, especially in relation to the scale and purposes of the collection of personal data.
The main purpose of an EU PNR scheme is the establishment of a system obliging air carriers operating international flights between the EU and third countries to transmit PNR data of all passengers to competent authorities, for the purpose of preventing, detecting, investigating and prosecuting terrorist offences and serious crimes. Data would be centralised and analysed by Passenger Information Units and the result of the analysis would be transmitted to competent national authorities in each Member State.
Since 2007, the EDPS has been following closely the developments related to a possible EU PNR scheme, in parallel with developments regarding PNR schemes of third countries. The main issue consistently raised by the EDPS focuses on the justification of the necessity of a European PNR scheme on top of a number of other instruments allowing for the processing of personal data for law enforcement purposes.
The EDPS acknowledges the visible improvements in terms of data protection in the present Proposal, compared to the version on which he has previously advised (see CNS/2007/0237). These improvements relate in particular to the scope of application of the Proposal, the definition of the role of different stakeholders (Passenger Information Units), the exclusion of the processing of sensitive data, the move towards a ‘push’ system without a transition period, and the limitation of data retention.
However, while there is a clear will to clarify the necessity of the scheme, the EDPS still fails to find in these new justifications a convincing basis to develop the system, especially with regard to large scale ‘prior assessment’ of all passengers.
The EDPS is obliged to observe that the essential prerequisite to any development of a PNR scheme — i.e. compliance with necessity and proportionality principles — is not met in the Proposal. The EDPS recalls that in his view, PNR data could certainly be necessary for law enforcement purposes in specific cases and meet data protection requirements. It is their use in a systematic and indiscriminate way, with regard to all passengers, which raises specific concerns.
In the view of the EDPS, the only measure compliant with data protection requirements would be the use of PNR-data on a case-by-case basis, when there is a serious threat established by concrete indicators.
In addition to this fundamental shortcoming, the comments of the EDPS concern the following aspects:
- the scope of application should be much more limited with regard to the type of crimes involved. The EDPS questions the inclusion in the Proposal of serious crimes which have no link with terrorism. In any case, minor crimes should be explicitly defined and ruled out. The EDPS recommends excluding the possibility for Member States to widen the scope of application;
- the nature of the different threats allowing for exchange of data between PIUs or with Member States has not sufficiently been defined;
- the data protection principles applicable should not only rely on Council Framework Decision 2008/977/JHA which includes shortcomings, notably in terms of data subjects’ rights and transfers to third countries. A higher standard of safeguards, based on the principles of Directive 95/46/EC, should be developed in the Proposal;
- no data should be kept beyond 30 days in an identifiable form, except in cases warranting further investigation;
- the list of PNR data to be processed should be reduced, in particular, the ‘general remarks’ field should not be included;
- the evaluation of the Directive should be based on comprehensive data, including the number of persons effectively convicted — and not only prosecuted — on the basis of the processing of their data.
The EDPS further recommends that the developments on EU PNR are assessed in a broader perspective including the ongoing general evaluation of all EU instruments in the field of information exchange management launched by the Commission in January 2010. In particular, the results of the current work on the European Information Exchange Model expected for 2012 should be taken into consideration in the assessment of the need for an EU PNR scheme.