Brussels, 20/05/2011 (Agence Europe) - On 16 May, the European Commission finalised its draft PNR deal with the United States (on the personal information about EU air passengers on flights to and from the US), but several questions may now arise about whether the draft agreement is proportionate and how passenger information would be sent to the US Department of Homeland Security (DHS), despite a charm offensive over the past few days by the United States (sending a number of officials and Senators to Brussels). Under the new draft, the PNR objectives could be expanded to cover not only counter-terror and organised crime but also the general need to ensure public order. For serious crimes, for example, the deal would apply to any cross-border crime that could be subject to extradition procedures as set out in the EU-US extradition deals, in other words any crime for which at least a year in prison could be issued, which includes tax fiddling.
On the question of Europeans being able to scrutinise the PNR details on them sent to the DHS, and appeals against abuse of such information, the draft agreement says that there must not be any discrimination on the basis of nationality and therefore there should be a degree of equality with US citizens, but the practical details are vague.
Likewise for the right of the US authorities to refuse to allow individuals to see the information stored about them, as the draft deal does not include a specific time in which such a refusal should be given, only a vague “at the appropriate time”. There is no mention of what might justify such a refusal, only stating that the law by which the information is being stored and the appeal process must be indicated.
When it comes to the appeals process, the draft deal says that any individual can request proper administrative and judicial compensation under US legislation and any individual would be entitled to “administratively” challenge DHS decisions about the use of PNR. The draft deal lists the US laws that EU citizens could use to launch a judicial appeal, like the Freedom of Information Act and Privacy Act. This is more detailed than in the Swift-TFPT deal but a source points out that this could easily be window-dressing by the United States, because there is no obligation on the US to change its laws because the Privacy Act does not apply to non-Americans.
Another controversial issue is the length of time that the US authorities can keep personal information about European air passengers, up to 15 years (“active” data retention for 5 years and then “dormant” data retention for a further 10 years). There are improvements on the previous timings because after an initial six months, the PNR information must be de-personalised (hiding the name, contact details and general comments, for example) and access to the active database should be restricted to a limited number of authorised US officials. There would be further restrictions on access to the dormant database and personal information could be provided only for investigations or the needs of the security forces in the event of specific risks or dangers. After the 15 year period, all information, whether including personal details or not, would be made anonymous by deleting the personal identity information. Sensitive information like religion, gender identity and political leanings would be filtered and automatically hidden by computer. Under the draft deal, access to sensitive information would only be allowed on a case-by-case basis in exceptional circumstances. The EU Council of Ministers and the EP will now examine these issues but the negotiations are likely to be far more problematic than the EU-Australia PNR deal under discussion at the Council of Ministers. (S.P./transl.fl)