Out-Law News 1 min. read
05 Mar 2007, 3:59 pm
The Article 29 Working Party, an independent European advisory body on data protection and privacy, has published a report containing instructions for travel operators on how to deal with the controversial issue of passenger name records (PNR).
Since the terrorist attacks in the US of 11th September 2001 US security agencies have insisted on being provided with much of the personal information held by airlines on every passenger from Europe entering the country.
Airlines and the European Commission agreed a deal whereby 34 pieces of information are passed to the US. That deal was opposed by the European Parliament and was judged by the European Court of Justice to be illegal on a technicality. A new, almost identical deal was put in place last autumn.
"Airlines, travel agents and computer reservation systems are still not providing information to passengers on transatlantic flights about the collection and transfer of their PNR in a consistent and satisfactory way," said the report. "To tackle this, the Working Party is providing guidance in this opinion about the way in which this information should be provided."
The Working Party wants all passengers to be informed about the data sharing scheme, in accordance with data protection law. One of the problems appears to be some confusion about whose role it is to inform passengers about the scheme.
"The airline determines how and why the personal data are processed, and as such is the controller of the data processing," said the Working Party, in relation to tickets bought directly from airlines. "The Working Party therefore considers that the information should be provided primarily by the airline selling the flight ticket."
The Working Party wants there to be consistency in the application of data protection laws. "The obligation to inform the data subject is a responsibility of data controllers, and it should be carried out in accordance with the national legislation they are subject to," said the Working Party's report.
"As the US requests for transfers of PNR data affect all airlines in a similar way, the Working Party considers that there is a real need for coherence in the content of the information that should be provided to passengers and in the time and way in which that information is delivered," it said.
The arrangement in autumn last year was only an interim arrangement made to comply with a deadline which was missed by a few days. A new agreement is expected to be made between the US government and the European Commission this year, and initial reports last year suggested that it should be in place by summer.
