At present an agreed amount of data is transferred to the US
within 15 minutes of a US-bound plane taking off; but this
sometimes results in planes being turned back, as has happened
twice over the past month.
Speaking last week, Chertoff indicated that he would prefer the
data to be transferred an hour before the plane departed.
Yesterday, at the German Marshall Fund and European Policy
Center in Brussels, Chertoff expanded on his theme, calling on the
EU to carry on the fight against terrorism by joining together with
the US to create security envelopes – "secure environments through
which people and cargo can move rapidly, efficiently and safely
without sacrificing security or privacy".
Those individuals within the security envelope would pass across
the globe without being stopped and rechecked at every point,
allowing resources to be focused on those outwith the envelope, who
would be subjected to more in-depth analysis.
Screening would play a major part in this, and should be
extended to cover biometric data – a requirement that chimes with
the proposed launch of the Visa Waiver Scheme in the US.
This is due to be enforced from October 2005. By that time,
passports granted to visitors from countries currently entitled to
visit the US without first obtaining a visa – including EU
countries – must contain biometric identifiers.
"Right now, in many ways we are using the most primitive kind of
screening – meaning we screen for names that match lists of
terrorists and criminals," said Chertoff. "Names can be changed,
identification documents can be forged. But biometric identifiers
can help reduce that type of fraud and protect the identity of the
visa holder by making it much more difficult to impersonate
someone."
In the area of law enforcement, Chertoff urged increased
communication and information sharing. "For example, each country
holds a reservoir of fingerprints taken from terrorists and violent
criminals. Exchanging such biometric data is an important way to
ensure that terrorists and murderers do not exploit informational
seams between countries," he said.
European MEPs and privacy activists are unlikely to be pleased
by the call. The existing agreement between the EU and US over the
transfer of air passenger data is already the subject of a referral
to the European Court of Justice.
Background
Airlines operating passenger flights to, from or through the US
have been transferring passenger data contained in their
reservation and departure control systems to US Customs since March
2003, in order to comply with US anti-terror requirements.
The transfer has been controversial, not only because the US
does not meet general EU data protection requirements, but because
an agreement setting out the terms of the transfer, signed in June
last year, has also been found wanting.
The problem in Europe is that its Data Protection Directive of
1995 provides that personal data may only be transferred to third
countries if the specific country ensures an adequate level of
protection. The Commission decides which countries have adequate
laws but, to date, only a few countries – not including the US –
have met the criteria.
Lengthy negotiations between the Commission and the US came to a
head in December 2003 when the Commission announced that an
agreement had been reached that would provide EU air passengers
with sufficient data protection.
But the decision to make this "adequacy finding" was largely a
political one, and civil liberties groups and the European
Parliament took issue with the Commission announcement, arguing
that it, and the international agreement upon which the finding was
made, do not provide sufficient protection, in terms of EU law, for
European passengers travelling to the US.
The criticisms have been consistent, culminating in a decision
by MEPs to refer the agreement to the European Court of Justice for
an opinion.
