Slashdot Mirror
EU Court Blocks Passenger Data Deal with U.S.
Reinier writes "The BBC reports that the European Court of Justice has ruled the airline data agreement with the United States is illegal. The 'agreement' required airlines to share 34 items of personal data of their passengers with American authorities at least fifteen minutes before take-off of any flight to the US. The Court of Justice examined the agreement after the European Parliament objected. A PDF of the ruling is available online."
For example: "Must have pasta." ... muhahah.
Article 25 of the EU Directive can be found on a number of sites and states that non-member countries may be provided with member data in the case of need. It's quite vague (standard law-talkin' guys strategy) so I could see it being read either way--entirely open ended!
My work here is dung.
This is what courts standing up for individual privacy rights look like.
Note how the US played the "Terrorism" card, and the courts didn't immediately fold.
You may wish to send this news item to your Attorney General.
Or you may wish to remain asleep.
Whatevers good with you.
I bet THAT makes the UK jealous.
That'll help all those EU-citizens a lot, that had their data sent to the USA in the past two years to be stored for the rest of eternity is all kind of dubious databases in the USA.
But better late than never. I always though the implementation of the treaty should have been postponed until this ruling.
From TFA, it seems the issue was more that the US doesn't guarantee sufficient protection of passanger data. Given that this data includes things like CC numbers and identifying information, I could see the concern.
Which raises the question as to what specifically the EU courts find lacking in US data security. Perhaps there are too few checks and balances with regard to who gets access to passenger data?
Erotic is when you use a feather. Exotic is when you use the whole chicken.
On the otherhand, it's good to see that the EU is flexing some muscle. Bush I believe will say..."they have some backbone..."
Does anyone think that US will start banning flights or threaten to remove financial aid if the data isn't shared? Would a European country give in to the US or obey the court ruling?
I think this is going to be a sticky mess since the rule of law isn't being respected in the US now and US attitudes towards foreign courts has always been "screw you, mate!"
Hell, this could open the floodgates for any kind of crazed nut-case.
"If we don't supply the information to the United States authorities then we're liable to fines of up to $6,000 per passenger and the loss of landing rights," he said.
"And if we do supply the data, potentially we're breaking the law [on data protection]."
So what are their options? Are the airlines going to have to completely suspend flights to the United States if neither side backs down?
(Not that this possibility isn't intriguing, but I certainly wouldn't want to have to be a manager in one the major European carriers for the next few months).
Look at the tomato! Isn't it sad? He can't dance! Poor tomato!
Athletic Scholarships to universities make as much sense as academic scholarships to sports teams.
Could the US simply refuse visas to anybody who will not provide them that information?
And could they turn away a plane carrying somebody without a visa?
In general EU citizens get their visas in customs, after having landed in the US, and US citizens get the same treatment in the EU. That's always struck me as odd, actually; what if they refuse you a visa? You've flown all that way for nothing?
I wonder if they need to move the visa procedures back closer to the country of origin. That would probably be a massive regulatory hassle. And it would sure make relations between the US and the EU seem chillier.
Basically, the main problem of the database-war between the USA and the EU is, that the EU guarantee to its citizens certain rights concerning their data, like not having it transferred to third parties, the right to review the data about oneself and some limited rights to have the data erased. To prevent clever corporations to circumvent those regulations by shipping the data outside the EU, there's a directive that personal data can only be shipped to countries, that have similar data-protection rights (so called safe havens). As you can imagine, the USA isn't really too interested in giving its own citizens data protection rights from corporations and the gouvernement and even less on granting those rights to foreigners. Thus, no data transfer of personal data of EU-citizens to the USA.
The UK still has it better; the French have to cross water to get to the UK, but you can walk here from Quebec. They're building the fence along the wrong border.
At least all the relatives still acted surprised when we told them the name.
How to stamp out international tourism in 1 easy step.
What the USA is asking won't stop terrorists from getting on board planes. Not for a second. All it has the potential to do is flag innocent people.
File under 'M' for 'Manic ranting'
Athletic Scholarships to universities make as much sense as academic scholarships to sports teams.
"The French backed down from sane free-market reforms in order to improve their high unemployment rate. They backed down due to the protests. No backbone there either."
ZOMG, an elected government listened to unhappy voters!
Let me see if I understand.
Sharing info BAD.
Logging all internet traffic(EU data retention acts) GOOD.
Huh?
These are the 34 items, taken from the DHS document at http://www.dhs.gov/interweb/assetlibrary/CBP-DHS_P NRUndertakings5-25-04.pdf which also describes how easily the data can be distributed, and how "deleted after 3.5 years" doesn't really mean what it says, but may mean that your data goes into a file marked "deleted, honest, and reely hard to read because it's raw data" and kept for 8 years or more.
1. PNR record locator code
2. Date of reservation
3. Date(s) of intended travel
4. Name
5. Other names on PNR
6. Address
7. All forms of payment information
8. Billing address
9. Contact telephone numbers
10. All travel itinerary for specific PNR
11. Frequent flyer information (limited to miles flown and address(es))
12. Travel agency
13. Travel agent
14. Code share PNR information
15. Travel status of passenger
16. Split/Divided PNR information
17. Email address
18. Ticketing field information
19. General remarks
20. Ticket number
21. Seat number
22. Date of ticket issuance
23. No show history
24. Bag tag numbers
25. Go show information
26. OSI information
27. SSI/SSR information
28. Received from information
29. All historical changes to the PNR
30. Number of travelers on PNR
31. Seat information
32. One-way tickets
33. Any collected APIS information
34. ATFQ fields
The 12 January 2004 draft "Undertakings of the [USA] Department of Homeland Security Bureau of Customs and Border Protection (CBP)" on transfers of airline reservations data (passenger name records, or PNR's) from the European Union to the USA, lists the following 34 items:
1. PNR record locator code
2. Date of reservation
3. Date(s) of intended travel
4. Name
5. Other names on PNR
6. Address
7. All forms of payment information
8. Billing address
9. Contact telephone numbers
10. All travel itinerary for specific PNR
11. Frequent flyer information (limited to miles flown and address(es))
12. Travel agency
13. Travel agent
15. Travel status of passenger
16. Split/Divided PNR information
17. Email address
18. Ticketing field information
19. General remarks
20. Ticket number
21. Seat number
22. Date of ticket issuance
23. No show history
24. Bag tag numbers
25. Go show information
26. OSI information
27. SSI/SSR information
28. Received from information
29. All historical changes to the PNR
30. Number of travellers on PNR
31. Seat information
32. One-way tickets
33. Any collected APIS information
34. ATFQ fields
The US doesn't give "financial aid" to Europe. Instead, Europe and Asia are pouring hundreds of billions of dollars into the US to keep the US economy afloat (it's not called "financial aid", but "loans and investments", but the end result is not that different). They are doing this because the US is an important export market for Europe and Asia and the world economy would collapse if they didn't do this.
So, the US has some credible economic threats against Europe, but withdrawal of "financial aid" isn't it. The US threat is more like "we can commit economic suicide and take you with us"; it's a threat better exercised with great care.
[sarcasm] Oh, great! So if I don't want my government to spy on me I can move to the US! That's wonderful.[/sarcasm}
It's the most ridiculous thing I heard all day.
Oh, and another ting: Why do you trust random corporations more than your government?!?! At least with the goverment you have a say in who makes the decisions, and you can punish them if they screw up.
This is of course just a realization that the US isn't as democratic as they like to pretend, as evidenced by the low voter turnouts at elections.
Go ahead and mod me down! But please stop and think if this troll might be making just a little bit of sense before you hit the moderate button.
"I don't know that Atheists should be considered as citizens, nor should they be considered patriots." -George H.W. Bush
Yeah and I loved Canada because they take care of their poor and homelessness is non-existant there ... until I found out they have a hell of a lot of homeless people.
Don't believe what you read in the papers or see on TV. America isn't the land of 6'2" blonde cowboys.
Yes, that sums it up quite well. And given the choice, trusting the gouvernement seems more reasonable, as they already have certain monopols (law making, law enforcement, military power). So if your gouvernement becomes corrupt to a point that even basic trust isn't justified any more, your personal data will be your least concern. Another feature of gouvernements is that it keeps the level of corruption rather equal across the branches. So if you still have a few branches you trust, there's a good chance you can trust the other branches as much.
On the other side you have the private sector, where every corporation does as it thinks it can get away with. If one oversteps the boundary, they'll declare bankrupt and the same people start another corporation with a different name and the same game. Self-regulation has been proven many times in the past not to work, a very popular example for this is boiler safety in the UK and US in the late 1800s. If the major concern is the protection of weak individuals against corporations, asking the industry to play fair and nice is naïve, if so much money can be made by not playing nice. Also corporations will have a hard time being more trustworthy than the gouvernement, which can threaten the people working in the corporation. Never underestimate the persuavie power of free roaming death-squads.
To balance things out, the private sector works far better if the goal is effiency to deliver products and services. So if you want cheap and efficient data protection, go to the private sector, if you want trustworthy data protection, stay with the gouvernement.
These rights are more to prevent the gouvernement to sell this data to the next direct marketeer, which will use it to make personalised adds along the road you drive every morning, or to have pharmacies sell your drug purchase history to your employer.
The political weasels would be more much likely to 'make the data available' to their bretheren the corporate weasels in exchange for campaign contributions than to sell it outright. They may have had their sense of morality surgically removed but they are not stupid. For Europeans ther is a bright side to this, at least the EU is finally growing a backbone vis-a-vis the USA. One of GWB's greatest legacies will probably be that with his 'Go it alone and damn what the rest of the world thinks!' policy he has burned through whatever credit the US had with the Europeans over the US saving their bacon durng WWII and he has done so in an amazingly short period of time.
Only to idiots, are orders laws.
-- Henning von Tresckow
Because a lot of terrorists striking the US came through this route lately...
Seriously, this and other measures are totally useless and inefficient to deter terrorists. The 9/11 hijackers had perfectly valid travel papers and would have been most likely granted entry even had these rules been in place. Building fences isn't going to do much, I'd rather suggest solving the problem at the source - US involvement in the Middle East.
If he explores all forms and substances Straight homeward to their symbol-essences; He shall not die.
I think you are misunderstanding the situation: it is perfectly fine to belittle a situation that you find stupid, although it often reflects more on the person making the comment than on the subject. That is one of the rights that my grandfather certainly fought for. He is not belittling France's right to self-determination, only the decision they came to. If that is forbidden ground, then the rest of the world needs to STFU about our Idiot in Chief, as we sadly elected him to a second term, Bob help us.
You can only drink 30 or 40 glasses of beer a day, no matter how rich you are.
-- Colonel Adolphus Busch
26. OSI information Other Supplemantary Information which does "not require action or a reply by the carrier. They are low-priority messages and are usually used for information purpose only."
27. SSI/SSR information Special Service Request
"Use SSR messages when you require an action or a reply to your request for these service items:
This obviously can include Credit Card and other information relating to connecting flights or to other passengers not even travelling to the USA.
Passport information is not mandatory for travel agents to demand, but it is often included.
So much for the exclusion of meal requests from the initial list of 39...
33. Any collected APIS information - Advanced Passenger Information System
- "passenger manifests" including name, nationality, passport number, date of birth, etc. - why are they duplicating data on two systems ?
34. ATFQ fields Automatic Ticket Fare Quote i.e. the price of the ticket and could be commercially sensitive
The SABRE system (and probably the other CRS systems) seems to have other hidden free text fields in the Passenger Name Record, which can be hidden from other airlines etc, but which are, presumably available to the US Deptment of Homeland Security
Given that the London and Madrid bombings took place on trains and on a bus, and we're talking about airline security - isn't this a little off-topic?
Hmmm, the /. article incorecctly states 15 minutes before flight departure, the Beeb, have their facts correct.
The APIS message (current message between Canada and the US) must be sent with 15 minutes of actual departure e.g. the plane is moving. I'm not clear if this means DOOR CLOSE,TAXI or what ever the message is from FliteData type of systems).
So, Canada and the US do this now, and have done for a while.
If the EEC court does not like this, stay in the EEC.
For the record, I am a Brit living in Calgary, Canada, who has just started working on an airline IT project.
That particular aspect of Christianity is relatively new. Historically one did not read the bible, and it was not in a language easy to learn. The priest translated and used the pope was the tie-breaker. Things have changed. Now anyone can misinterpret it conveniently, instead of just one power hungry guy.
(I'm American)
And I have a problem with this.
Remember, the hijackers in 2001 were all in the country legally. We had all the info on them we needed, either it just didn't add up or we failed to act upon it.
There's no way I'm surrendering my email address (amongst other things) to fly.
http://lkml.org/lkml/2005/8/20/95
>Ungrateful gits. My parents paid many of their hard earned dollars in taxes to finance the Marshall Plan. The Marshall Plan
>provided nearly 267 billion postwar dollars in aid to Europe -- which equals over two trillion of today's dollars.
Don't know where you got your figures from, but they're way out. The Marshall plan provided $13 billion dollars to Europe (source: http://usinfo.state.gov/ the equivalent of $90 billion in today's money -- a figure, incidentally, nearly 100 times smaller than the current US national debt. Moreover, the money could only be used "to buy goods from the United States, and they had to be shipped across the Atlantic on American merchant vessels" (source: the US government website again).
Incidentally, you, with your "hard earned tax dollars", now contribute 100 times less to foregn aid (0.34% of GDP, the lowest out of 22 MEDCs in the ODA survey) than to defense (3.4% of GDP) - figures taken from *before* the Iraq war.
What's purple and commutes? An Abelian grape.
I believe thats called "the right of self-determination". Your grandfather probably helped fight for it in World War 2, only for you to belittle it.
Yes, my grandfather was in France in WWII, and fought for France's right of self-determination, and he'd be one of the first to belittle some of the things they've chosen to do with that right.
Similarly, I believe deeply in the democratic process, but that doesn't mean that I automatically approve of every action taken by every democratic government.
Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
The fact that it had a reasonable justification at the time it was started does not mean that it continues to do so: it is quite probable that the flesh of vultures and jackals served on an airplane today is not poisonous.
The key thing about contexts is that they change. If you take any behaviour, not matter how smart it is, to a context in which it stops being sensible, well: it stops being sensible.
It's great, because we never have to wonder about the baby's gender.
US terror watchlist 80,000 names long: report. aspx?newsid=1312/
"The classified list, which carried just 16 names before the September 11, 2001 attacks in New York and Washington had grown to 1,000 by the end of 2001, to 40,000 a year later and now stands at 80,000"
8 Dec 2005
http://www.sweden.se/templates/cs/NewsML____12744
Yes, they do. The same part of the bible that says gay sex is a sin also has similarly strong words for those who eat shellfish. Quote the book itself:
This is where "kosher" comes from. It's food that follows the laws stated in The Old Testiment. If you don't follow them, you will burn in hell aparently. Things like kosher and halal may seem silly to some, but they are no more silly than anything else in religion.
The christian texts were written in Latin and Aramaic, and not translated until the second breaking of the church. Even when the empire was strong, most Christians didn't know Latin. The Q'ran was written in the vernacular that everyone who could read at all could read (the muslim empire had a much stronger universal language than late/post-fall rome did). So, essentially, you have it backwards for most of the history of the religions.
As for the present, I have an english translation of the text sitting on my desk right now, which kind of blows your theory out of the water. I'm informed you have to learn Arabic to be considered a scholar of the text, but since you also have to learn French to be a french major and German to be a German major in college, this requirement does not strike me as particularly unreasonable.
(P.S. - Any seminary worth its salt FORCES you to learn latin and greek, though I've heard some will let you slide on the Aramaic and Hebrew, but not many.)
...it's really a sad day for America when we require a goddamn ACT OF CONGRESS to make our DVD players work properly. ~
Most of this thread has missed the point.
The U.S. is a soverign nation, not part of the EU. Travel into the U.S. is at the discretion of the U.S.
All this means is increased screening of people travelling from the E.U. and increased cost to them.
It doesn't matter at all what the EU says, they don't control entry to the U.S.
EU: We demand our laws be upheld
US: That's fine, your laws apply to your land, not ours. Give us the details we want to allow entry.
EU: No
US: OK, no entry. Next.
The 9/11 hijackers had perfectly valid travel papers and would have been most likely granted entry even had these rules been in place.
Some of them entered the US with perfectly valid travel papers. As I recall, the 9/11 Commission Report mentioned that two of them entered with obviously-forged passports, but, for some reason, the customs guys at the border decided to let it slide. Others were already known terrorists and should not have been issued visas in the first place.
You're absolutely right that all the new laws since then probably wouldn't have kept these guys out, but everyone seems to overlook the reverse of that argument: The laws already in place on Sept. 10, 2001 would have been sufficient to catch at least half of these guys - and, more likely than not, to prevent the attack entirely - if only they had been properly enforced.
I also agree that US involvement in the mideast (and, specifically, our dogmatic insistence on supporting Israel, no matter what) is the root issue and needs to be addressed if we're ever to get a true resolution to our terrorist problems.
"Leviticus 18:22 - Thou shalt not lie with mankind, as with womankind: it is abomination."
:)
Note that while this forbids gay men from having sex with each other, it also (read strictly) excludes heterosexual women from having sex with men! And as for the heterosexual men, well, surely leading the heterosexual women into sin is itself a sin! Thus, the only blessed, bible-certified-and-approved form of sex is lesbian sex!