Slashdot Mirror
EU Court Blocks Passenger Data Deal with U.S.
Reinier writes "The BBC reports that the European Court of Justice has ruled the airline data agreement with the United States is illegal. The 'agreement' required airlines to share 34 items of personal data of their passengers with American authorities at least fifteen minutes before take-off of any flight to the US. The Court of Justice examined the agreement after the European Parliament objected. A PDF of the ruling is available online."
For example: "Must have pasta." ... muhahah.
Article 25 of the EU Directive can be found on a number of sites and states that non-member countries may be provided with member data in the case of need. It's quite vague (standard law-talkin' guys strategy) so I could see it being read either way--entirely open ended!
My work here is dung.
This is what courts standing up for individual privacy rights look like.
Note how the US played the "Terrorism" card, and the courts didn't immediately fold.
You may wish to send this news item to your Attorney General.
Or you may wish to remain asleep.
Whatevers good with you.
I bet THAT makes the UK jealous.
That'll help all those EU-citizens a lot, that had their data sent to the USA in the past two years to be stored for the rest of eternity is all kind of dubious databases in the USA.
But better late than never. I always though the implementation of the treaty should have been postponed until this ruling.
From TFA, it seems the issue was more that the US doesn't guarantee sufficient protection of passanger data. Given that this data includes things like CC numbers and identifying information, I could see the concern.
Which raises the question as to what specifically the EU courts find lacking in US data security. Perhaps there are too few checks and balances with regard to who gets access to passenger data?
Erotic is when you use a feather. Exotic is when you use the whole chicken.
On the otherhand, it's good to see that the EU is flexing some muscle. Bush I believe will say..."they have some backbone..."
Does anyone think that US will start banning flights or threaten to remove financial aid if the data isn't shared? Would a European country give in to the US or obey the court ruling?
I think this is going to be a sticky mess since the rule of law isn't being respected in the US now and US attitudes towards foreign courts has always been "screw you, mate!"
Hell, this could open the floodgates for any kind of crazed nut-case.
"If we don't supply the information to the United States authorities then we're liable to fines of up to $6,000 per passenger and the loss of landing rights," he said.
"And if we do supply the data, potentially we're breaking the law [on data protection]."
So what are their options? Are the airlines going to have to completely suspend flights to the United States if neither side backs down?
(Not that this possibility isn't intriguing, but I certainly wouldn't want to have to be a manager in one the major European carriers for the next few months).
Look at the tomato! Isn't it sad? He can't dance! Poor tomato!
Could the US simply refuse visas to anybody who will not provide them that information?
And could they turn away a plane carrying somebody without a visa?
In general EU citizens get their visas in customs, after having landed in the US, and US citizens get the same treatment in the EU. That's always struck me as odd, actually; what if they refuse you a visa? You've flown all that way for nothing?
I wonder if they need to move the visa procedures back closer to the country of origin. That would probably be a massive regulatory hassle. And it would sure make relations between the US and the EU seem chillier.
Basically, the main problem of the database-war between the USA and the EU is, that the EU guarantee to its citizens certain rights concerning their data, like not having it transferred to third parties, the right to review the data about oneself and some limited rights to have the data erased. To prevent clever corporations to circumvent those regulations by shipping the data outside the EU, there's a directive that personal data can only be shipped to countries, that have similar data-protection rights (so called safe havens). As you can imagine, the USA isn't really too interested in giving its own citizens data protection rights from corporations and the gouvernement and even less on granting those rights to foreigners. Thus, no data transfer of personal data of EU-citizens to the USA.
At least all the relatives still acted surprised when we told them the name.
How to stamp out international tourism in 1 easy step.
What the USA is asking won't stop terrorists from getting on board planes. Not for a second. All it has the potential to do is flag innocent people.
File under 'M' for 'Manic ranting'
Athletic Scholarships to universities make as much sense as academic scholarships to sports teams.
"The French backed down from sane free-market reforms in order to improve their high unemployment rate. They backed down due to the protests. No backbone there either."
ZOMG, an elected government listened to unhappy voters!
Let me see if I understand.
Sharing info BAD.
Logging all internet traffic(EU data retention acts) GOOD.
Huh?
These are the 34 items, taken from the DHS document at http://www.dhs.gov/interweb/assetlibrary/CBP-DHS_P NRUndertakings5-25-04.pdf which also describes how easily the data can be distributed, and how "deleted after 3.5 years" doesn't really mean what it says, but may mean that your data goes into a file marked "deleted, honest, and reely hard to read because it's raw data" and kept for 8 years or more.
1. PNR record locator code
2. Date of reservation
3. Date(s) of intended travel
4. Name
5. Other names on PNR
6. Address
7. All forms of payment information
8. Billing address
9. Contact telephone numbers
10. All travel itinerary for specific PNR
11. Frequent flyer information (limited to miles flown and address(es))
12. Travel agency
13. Travel agent
14. Code share PNR information
15. Travel status of passenger
16. Split/Divided PNR information
17. Email address
18. Ticketing field information
19. General remarks
20. Ticket number
21. Seat number
22. Date of ticket issuance
23. No show history
24. Bag tag numbers
25. Go show information
26. OSI information
27. SSI/SSR information
28. Received from information
29. All historical changes to the PNR
30. Number of travelers on PNR
31. Seat information
32. One-way tickets
33. Any collected APIS information
34. ATFQ fields
The US doesn't give "financial aid" to Europe. Instead, Europe and Asia are pouring hundreds of billions of dollars into the US to keep the US economy afloat (it's not called "financial aid", but "loans and investments", but the end result is not that different). They are doing this because the US is an important export market for Europe and Asia and the world economy would collapse if they didn't do this.
So, the US has some credible economic threats against Europe, but withdrawal of "financial aid" isn't it. The US threat is more like "we can commit economic suicide and take you with us"; it's a threat better exercised with great care.
[sarcasm] Oh, great! So if I don't want my government to spy on me I can move to the US! That's wonderful.[/sarcasm}
It's the most ridiculous thing I heard all day.
Oh, and another ting: Why do you trust random corporations more than your government?!?! At least with the goverment you have a say in who makes the decisions, and you can punish them if they screw up.
This is of course just a realization that the US isn't as democratic as they like to pretend, as evidenced by the low voter turnouts at elections.
Go ahead and mod me down! But please stop and think if this troll might be making just a little bit of sense before you hit the moderate button.
"I don't know that Atheists should be considered as citizens, nor should they be considered patriots." -George H.W. Bush
Yes, that sums it up quite well. And given the choice, trusting the gouvernement seems more reasonable, as they already have certain monopols (law making, law enforcement, military power). So if your gouvernement becomes corrupt to a point that even basic trust isn't justified any more, your personal data will be your least concern. Another feature of gouvernements is that it keeps the level of corruption rather equal across the branches. So if you still have a few branches you trust, there's a good chance you can trust the other branches as much.
On the other side you have the private sector, where every corporation does as it thinks it can get away with. If one oversteps the boundary, they'll declare bankrupt and the same people start another corporation with a different name and the same game. Self-regulation has been proven many times in the past not to work, a very popular example for this is boiler safety in the UK and US in the late 1800s. If the major concern is the protection of weak individuals against corporations, asking the industry to play fair and nice is naïve, if so much money can be made by not playing nice. Also corporations will have a hard time being more trustworthy than the gouvernement, which can threaten the people working in the corporation. Never underestimate the persuavie power of free roaming death-squads.
To balance things out, the private sector works far better if the goal is effiency to deliver products and services. So if you want cheap and efficient data protection, go to the private sector, if you want trustworthy data protection, stay with the gouvernement.
Because a lot of terrorists striking the US came through this route lately...
Seriously, this and other measures are totally useless and inefficient to deter terrorists. The 9/11 hijackers had perfectly valid travel papers and would have been most likely granted entry even had these rules been in place. Building fences isn't going to do much, I'd rather suggest solving the problem at the source - US involvement in the Middle East.
If he explores all forms and substances Straight homeward to their symbol-essences; He shall not die.
26. OSI information Other Supplemantary Information which does "not require action or a reply by the carrier. They are low-priority messages and are usually used for information purpose only."
27. SSI/SSR information Special Service Request
"Use SSR messages when you require an action or a reply to your request for these service items:
This obviously can include Credit Card and other information relating to connecting flights or to other passengers not even travelling to the USA.
Passport information is not mandatory for travel agents to demand, but it is often included.
So much for the exclusion of meal requests from the initial list of 39...
33. Any collected APIS information - Advanced Passenger Information System
- "passenger manifests" including name, nationality, passport number, date of birth, etc. - why are they duplicating data on two systems ?
34. ATFQ fields Automatic Ticket Fare Quote i.e. the price of the ticket and could be commercially sensitive
The SABRE system (and probably the other CRS systems) seems to have other hidden free text fields in the Passenger Name Record, which can be hidden from other airlines etc, but which are, presumably available to the US Deptment of Homeland Security
Hmmm, the /. article incorecctly states 15 minutes before flight departure, the Beeb, have their facts correct.
The APIS message (current message between Canada and the US) must be sent with 15 minutes of actual departure e.g. the plane is moving. I'm not clear if this means DOOR CLOSE,TAXI or what ever the message is from FliteData type of systems).
So, Canada and the US do this now, and have done for a while.
If the EEC court does not like this, stay in the EEC.
For the record, I am a Brit living in Calgary, Canada, who has just started working on an airline IT project.
(I'm American)
And I have a problem with this.
Remember, the hijackers in 2001 were all in the country legally. We had all the info on them we needed, either it just didn't add up or we failed to act upon it.
There's no way I'm surrendering my email address (amongst other things) to fly.
http://lkml.org/lkml/2005/8/20/95
>Ungrateful gits. My parents paid many of their hard earned dollars in taxes to finance the Marshall Plan. The Marshall Plan
>provided nearly 267 billion postwar dollars in aid to Europe -- which equals over two trillion of today's dollars.
Don't know where you got your figures from, but they're way out. The Marshall plan provided $13 billion dollars to Europe (source: http://usinfo.state.gov/ the equivalent of $90 billion in today's money -- a figure, incidentally, nearly 100 times smaller than the current US national debt. Moreover, the money could only be used "to buy goods from the United States, and they had to be shipped across the Atlantic on American merchant vessels" (source: the US government website again).
Incidentally, you, with your "hard earned tax dollars", now contribute 100 times less to foregn aid (0.34% of GDP, the lowest out of 22 MEDCs in the ODA survey) than to defense (3.4% of GDP) - figures taken from *before* the Iraq war.
What's purple and commutes? An Abelian grape.
I believe thats called "the right of self-determination". Your grandfather probably helped fight for it in World War 2, only for you to belittle it.
Yes, my grandfather was in France in WWII, and fought for France's right of self-determination, and he'd be one of the first to belittle some of the things they've chosen to do with that right.
Similarly, I believe deeply in the democratic process, but that doesn't mean that I automatically approve of every action taken by every democratic government.
Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
"Leviticus 18:22 - Thou shalt not lie with mankind, as with womankind: it is abomination."
:)
Note that while this forbids gay men from having sex with each other, it also (read strictly) excludes heterosexual women from having sex with men! And as for the heterosexual men, well, surely leading the heterosexual women into sin is itself a sin! Thus, the only blessed, bible-certified-and-approved form of sex is lesbian sex!