MEPs remain sceptical about the ‘PNR’ agreements on the transfer of European air passengers’ personal data that the EU has concluded with several non-Member States, including Australia, the United States, and Canada.
They had the opportunity to express their doubts during an exchange with the European Commission on Tuesday 23 March. The Commission and the MEPs discussed the evaluation reports on these agreements, which came into force in 2015 for the United States and 2012 for Australia and have been automatically renewed since then.
As a basis for discussion, the MEPs had the evaluation reports published in January by the Commission, which, according to a representative of the institution, show that “the results are there” in terms of preventing terrorism or serious crime.
However, the Commission official continued, “there is always room for improvement”, and as far as Australia is concerned, loopholes exist. For example, the Australian authorities do not shed enough light on the transfer of European data to non-Member States. “We need more details, more knowledge of what is going on”, he said.
The Commission also believes that too many people have access to Europeans’ data, whereas the processing of PNR data should be reserved for a smaller team. Australian authorities should also share their ‘PNR’ data more systematically with Member States and Europol, as they do with Canberra.
United States. With regard to the agreement with the United States, exchanges of information and on-site missions have also led to the conclusion that the PNR agreement has added value, although the Commission did not provide figures or statistics on Tuesday.
As for the draft new agreement with Canada, the Commission hopes that this will be concluded “in the coming weeks”. However, discussions have stalled over the 5-year data retention period sought by the Commission.
This assessment has raised the ire of some elected officials. Sophie in’t Veld (Renew Europe, Netherlands) recalled that the agreement with the United States is “illegal” due to a judgment from the EU Court of Justice on the agreement with Canada, which did not respect fundamental rights (see EUROPE 11837/2), thus casting doubt on the legality of existing agreements.
The MEP also expressed concern that a discussion is currently underway with Washington on the link between ‘PNR’ data and health data, such as vaccination or recovery data. A digital certificate applicable to non-Member States is also under consideration, and the “US requires a certain amount of data” on health, the Commission confirmed.
German MEP Birgit Sippel (S&D) commented ironically on the Commission’s positive assessment of the agreement with Australia, while she spoke of improvements to be made to this cooperation “after all these years”. She requested that the Commission provide statistics to assess the effectiveness of these ‘PNR’ agreements in practice.
See the Commission’s reports on the ‘PNR’ agreement with the US: http://bit.ly/397wuD1 and with Australia: http://bit.ly/398BPda (Original version in French by Solenn Paulic)