The Czech Presidency of the Council of the EU consulted, on Friday 16 September, Member States in the Working Party on Information Exchange in the field of Justice and Home Affairs (IXIM), on how to continue to implement the EU Directive on the collection of air passenger data from the EU to third countries and to the EU from third countries, in the wake of the Court of Justice of the EU’s judgment of 21 June (see EUROPE 12976/24).
In its judgment, the Court of Justice had asked Member States to limit the Directive to the “strictest necessary”, in particular as regards the possible application of PNR collection to intra-EU flights, which must be subject to independent judicial review and respond to a specific terrorist threat. The Court had responded to a complaint filed by the Belgian Ligue des droits humains.
In a preparatory note to the meeting, the Presidency stresses from the outset that “there are strong operational reasons for continuing to apply the PNR Directive on intra-EU flights, even considering he limitations resulting from the judgment”.
However, the application of the PNR system to a selection of intra-EU flights only presents “a number of significant disadvantages”, several national delegations pointed out, as explained by Prague. “In light of that, it would be useful to explore any viable alternatives that might comply with the judgment”.
However, applying the directive to all intra-EU flights, without distinction, may only be justified by a genuine and present or foreseeable terrorist threat on sufficiently solid grounds. Such indiscriminate collection of PNR data should also be subject to effective control by an independent authority.
This would require all or most Member States to be able to, before a court, “justify as being sound their successive assessments that the terrorist threat each of them is confronted with is genuine and present or foreseeable”, the note says.
The Czech Presidency therefore asks them to say whether this scenario would be “realistic” in their situation.
The 9 September document also explains that some delegations have already argued that the terrorist threat is not easily quantified and is rarely limited to a specific time period. “Effective limitation of processing of PNR data could potentially be achieved by ‘filtering’ PNR data from all intra-EU flights by an automatic comparison with relevant databases (alerts) that lead to specific actions. In this ‘filter’ procedure, false positives would be subsequently eliminated by feedback from the competent authorities or even verified by an independent body”, explains Prague, which was therefore also due to survey national experts on 16 September on this filtering method.
The note further refers to Member States’ concerns that “the limitations set out in the judgment (on routes, on PNR data elements and on databases to which the PNR data may be compared) could result in reduced operational efficiency of PNR processing”.
A solution here could lie in threat assessment at European level and support from Europol.
Here the Presidency was also to ask Member States if they would “be ready to share their risk assessments and to use the risk assessments established by other Member States”.
Link to the note: https://aeur.eu/f/34b (Original version in French by Solenn Paulic)