Europe Agrees To Send Airline Passenger Data To US

Qedward writes "The European Parliament has approved the controversial data transfer agreement, the bilateral PNR (passenger name register), with the US which requires European airlines to pass on passenger information, including name, contact details, payment data, itinerary, email and phone numbers to the Department of Homeland Security. Under the new agreement, PNR data will be 'depersonalized' after six months and would be moved into a 'dormant database' after five years. However the information would still be held for a further 15 years before being fully 'anonymized.'"

Why?

[Zapotek]

Why comply? What would the US do, deny entrance to all EU citizens?
Anyone care to explain this?

Re:Why?

[polar+red]

deny entrance to all EU citizens?

this agreement has the same effect on me - I will never travel to the US.

Re:Why?

[aaaaaaargh!]

I think they basically blackmailed the EU, threatening to require Visa for all Europeans, announcing special controls and harassment of European travelers if they EU would not comply, etc.

It is well-known European politicians have no backbone and comply to US demands any time when a tiny bit of pressure is put on them. There are numerous examples and this is just one of them. :(

Re:Why?

[Rogerborg]

I will never travel to the US

Just so we're clear, everybody who has ever said this had no intention nor need to travel to the USA anyway.

Hans Ze Vacationer doesn't care. Jean le Commerce has no choice. You can't fight this with a boycott.

Re:Why?

[1s44c]

Just so we're clear, everybody who has ever said this had no intention nor need to travel to the USA anyway.

I had the intention. I travel to lots of countries to see the sights, stay in the hotels, and eat at the restaurants, Most countries value tourists as they bring in money, the US treats them like criminals. I really won't overstay my visa, I have more than enough money to support myself, and I sure as hell won't hurt or damage anyone or anything.

They don't want me there? That's a shame, I'll go to the far east and pig out on seafood instead.

Re:Why?

[camperdave]

And you've joined the list of people who think hyperbole has a place in a serious discussion. Everyone was already required to provide this information before entering the US anyway. Now they just get it from the airlines.

No. Now they get it no matter where you are travelling. Flying from Paris to Rome? US gets the data. Madrid to London? Uncle Sam hears about it. Even if you never have any plans to ever visit the States, they will have a record of every flight you ever took.

Re:Fuck this. Fuck EVERYTHING about this

[Zsub]

First Europe sends banking info, passenger info, what will come? And there, for a moment, I believed Europe stopped being America's bitch. I'm voting... No wait, I don't know what or who I'm voting, because all parties I somewhat agree with agree with this shit. Fuck.

Re:Fuck this. Fuck EVERYTHING about this

Vore for your local Pirate Party. I've heard they're at 12% in the polls in Germany. Let's repeat that in all our European countries. EU is not a state in the US.

And by "depersonalized" and "dormant" they mean...

[matunos]

...absolutely nothing.

What routes? And why transfer data at all?

[Alwin+Henseler]

Yet another reason for me not to set foot on an aircraft bound for the United States.

Might make no difference... The way I'm reading the article, it says "requires European airlines to pass on passenger information", without going into detail about whether that's US-bound flights only, flights within the EU, flights from EU to outside EU (but not US), or even any flight, from/to anywhere, done by an EU-based airline company. It would be good if someone could clear this up.

Secondly I don't see why passenger data would need to be transferred to US control at all. It's really naive to assume that the US will handle such data as agreed. Good chance it will end up in multiple databases, and possibly used at will (since under US control), in violation of agreement. What safeguards has the EU to the contrary? Any?

Of course the US wants some persons not to board an airplane, why not arrange for the US to provide that watchlist to an EU-controlled organization that checks this watchlist against passenger data? Flag & possibly take action on matches, data for people that don't set off any flags then wouldn't need to be transferred to the US (that is, other than what's done already in US-bound flights).

All this reads to me as: EU doesn't care about its citizens' privacy & lets itself be bullied by the US. Annoying - the EU is not even 1 sovereign nation, it's a whole group of sovereign nations. Combined a bigger population than the US. Our politicians should really show some more backbone.

Source is here...

[UnoriginalBoringNick]

17434/11 - Agreement between the United States of America and the European Union on the use and transfer of Passenger Name Records to the United States Department of Homeland Security

ARTICLE 2
Scope
1.
PNR, as set forth in the Guidelines of the International Civil Aviation Organization, shall
mean the record created by air carriers or their authorized agents for each journey booked by or on
behalf of any passenger and contained in carriers' reservation systems, departure control systems, or
equivalent systems providing similar functionality (collectively referred to in this Agreement as
"reservation systems"). Specifically, as used in this Agreement, PNR consists of the data types set
forth in the Annex to this Agreement ("Annex").
2.
This Agreement shall apply to carriers operating passenger flights between the
European Union and the United States.
3.
This Agreement shall also apply to carriers incorporated or storing data in the
European Union and operating passenger flights to or from the United States.
ARTICLE 3
Provision of PNR
The Parties agree that carriers shall provide PNR contained in their reservation systems to DHS as
required by and in accordance with DHS standards and consistent with this Agreement. Should
PNR transferred by carriers include data beyond those listed in the Annex, DHS shall delete such
data upon receipt.

Article 2 Item 1 Defines PNR as being data gathered for any flight, anywhere
Article 2 Items 2 and 3 Specify that carriers who must comply are those who operate flights to the USA even if they are incorporated and store their data - in Europe

The data in the Annex - mentioned in Article 2 Item 1 and Article 3 is as follows:

ANNEX
PNR Data Types
1. PNR record locator code
2. Date of reservation/issue of ticket
3. Date(s) of intended travel
4. Name(s)
5. Available frequent flier and benefit information (i.e., free tickets, upgrades, etc.)
6. Other names on PNR, including number of travelers on PNR
7. All available contact information (including originator information)
8. All available payment/billing information (not including other transaction details linked to a credit card or account and not connected to the travel transaction)
9. Travel itinerary for specific PNR
10. Travel agency/travel agent
11. Code share information
12. Split/divided information
13. Travel status of passenger (including confirmations and check-in status)
14. Ticketing information, including ticket number, one way tickets and Automated Ticket Fare Quote
15. All baggage information
16. Seat information, including seat number
17. General remarks including OSI, SSI and SSR information
18. Any collected APIS information
19. All historical changes to the PNR listed under points 1 to 18

I have seen nothing in the agreement that limits the data gathering to flights to / from the USA

If anyone finds wording to contradict me please reply.