EU and US Reach Deal On Airline Data

gambit3 writes "According to the BBC, the EU and the US have struck a new deal for sharing airline passenger data. It will replace a deal struck down by the European Court of Justice in May, which allowed the US its own access to passenger data. Under the deal, the EU will 'push' the data — 34 pieces of information per passenger — to the US, replacing the current 'pull' system. The new deal will expire at the end of July 2007."

34 data fields (missing from article)

[digitalderbs]

The data fields can be found from this earlier article.

• Information about the passenger: name; address; date of birth; passport number; citizenship; sex; country of residence; US visa number (plus date and place issued); address while in the US; telephone numbers; e-mail address; frequent flyer miles flown; address on frequent flyer account; the passenger's history of not showing up for flights
• Information about the booking of the ticket: date of reservation; date of intended travel; date ticket was issued; travel agency; travel agent; billing address; how the ticket was paid for (including credit card number); the ticket number; which organisation issued the ticket; whether the passenger bought the ticket at the airport just before the flight; whether the passenger has a definite booking or is on a waiting list; pricing information; a locator number on the computer reservation system; history of changes to the booking
• Information about the flight itself: seat number; seat information (eg aisle or window); bag tag numbers; one-way or return flight; special requests, such as requests for special meals, for a wheelchair, or help for an unaccompanied minor
• Information about the passenger's itinerary: other flights ticketed separately, or data on accommodation, car rental, rail reservations or tours.
• Information about other people: the group the passenger is travelling with; the person who booked the ticket

Re:So what's changed?

[Decado]

RTFA Please

The new system is better from an EU standpoint because the data is sent to a single secure source. They no longer have to worry about it being pulled from an untrusted source. There is no longer an external logon to the EU system that could potentially reveal private information. Instead it is pushed securely to a trusted homeland security site which is then responsible for distributing it within the US. Because the EU is no longer a risk for distributing private information it is OK within the EU. If there is a privacy breach it won't be the fault of the EU and that makes the EU authorities happy. From the standpoint of the consumer the same data still flies around but that was never the issue, the issue was that there was potential for the EU system to leak sensitive data which was unacceptable.