Members of the European Parliament’s Committee on Civil Liberties (LIBE) expressed, on Thursday 2 March, scepticism and even weariness about the Commission’s new proposals to collect personal data, in this case air passenger information data.
The Commission had proposed in December a revision of the ‘API’ (Advanced Passenger Information) Directive through two draft regulations on the ‘collection and transfer of advance passenger information to facilitate external border controls’ and on the ‘collection and transfer of advance passenger information for the prevention and detection of terrorist offences and serious crime’ (see EUROPE 13083/13).
The new rules, which are intended to ensure that all Member States collect and use API data in the same way on all incoming flights, also require air carriers to provide API data on intra-EU flights.
API data is collected at the time of boarding and is intended to verify that the data presented at boarding coincides with the reservation data collected under the passenger name record (PNR) Directive. The API data, although also intended to be used to combat terrorism and crime, is only kept for 48 hours.
For LIBE MEPs, however, these two new texts are “further steps in the instruments of personal data collection”, as Birgit Sippel (S&D, German) put it. And the readability and added value of these new legislative tools compared to what the PNR framework already does is far from clear to some.
“We are inundated with data collection instruments”, said the Dutch MEP Tineke Strik (Greens/EFA), questioning whether the two new texts would target specific categories of people.
MEP Jeroen Lenaers (EPP, Dutch) welcomed the proposals in principle, while API data is collected on only 65% of incoming flights in the EU. However, he found the process complex, with two texts on the same subject requiring two different rapporteurs.
The Commission representative, Olivier Onidi, explained that these two texts will have to remedy the “5 to 10%” of information given at the time of booking that does not correspond to that presented at the time of boarding and this may concern individuals at risk.
The 2004 Directive also did not require Member States to request API data from air carriers, which creates disparities and inconsistencies in the way data is collected and used, with some Member States systematically collecting API data and others not.
These API data will concern all travellers to the EU, the Commission representative said, and as far as intra-EU flights are concerned, API data will only be collected on intra-EU flights where PNR data is itself already collected, within the framework allowed by the Court of Justice of the EU. (Original version in French by Solenn Paulic)