Cookies on Pinsent Masons website

This website uses cookies to allow us to see how the site is used. The cookies cannot identify you. If you continue to use this site we will assume that you are happy with this

If you want to use the sites without cookies or would like to know more, you can do that here.

EU finds clerical solution to privacy concerns

The reduction of the number of data fields handed to US security services announced by the European Union was achieved by squeezing almost the same amount of data on to fewer lines. The news undermines what was seen as a concession won by EU negotiators.27 Jul 2007

Advert: Pinsent Masons is recruiting. Find out more.A new passenger name records (PNR) deal was announced this week by the EU and the US. It covers how much information can be handed to US authorities about passengers on flights from Europe to the US and the conditions on which it was kept.

The US won major concessions from the EU, winning its demands to keep data for far longer and the ability to pass it on to other US agencies. The EU appeared to win one argument, reducing the amount of data transferred.

"The number of data collected will be of 19, instead of 34 as foreseen by the interim Agreement," said a joint statement from the US and from a number of EU authorities, including the European Commission, the Council of the European Union and the Presidency of the Council.

But the number of actual pieces of data asked for only reduced by two, to 32, and some extra information was asked for.

The new PNR deal lists 19 data fields which will be collected on every passenger. Many of the fields include multiple pieces of information.

For example, the previous deal asked for ticket number, ticket information, one-way ticket data and automated ticket fare quote data in four separate fields. The new deal has just one field which asks for "ticketing information, including ticket number, one way tickets and Automated Ticket Fare Quote".

"Now there are 19 fields from the 34 before, that is a fact," said Jesus Carmona, a spokesman for the Council of the European Union. "It is a question of putting more order in the previous 34."

Carmona did not accept that the change was a misleading attempt to make a clerical rearrangement look like a negotiations success. "It is an achievement, now things are clearer than before," he said. "Now we have a clear presentation of what the US want exactly."

Negotiations over PNR data have long proved controversial. The European Parliament has opposed the sending of data on principled grounds and has challenged one of the deals in court. The European Court of Justice (ECJ) ruled a previous deal illegal, but only on a technicality. An almost identical interim agreement replaced it, and this long term agreement replaces that in turn.

Data protection officials also oppose the deal because the US does not have as strict privacy safeguards as Europe. The PNR system was put in place in the aftermath of terrorist attacks in the US in September 2001.

Europe's privacy watchdog has opposed the latest version of the PNR system. Assistant European Data Protection Supervisor Joaquin Bayo Delgado told weekly technology podcast OUT-LAW Radio of his opposition.

"We are really worried about the terms in which this agreement has been reached," he said. "We are not pleased by the result and our wishes would have been to have a different outcome of the negotiations."

Bayo Delgado said that he was working with other data protection officials on Europe's Article 29 Working Party to investigate the workings of the new deal.

The old PNR deal's data fields

  1. PNR record locator code
  2. Date of reservation
  3. Date(s) of intended travel
  4. Name
  5. Other names on PNR
  6. Address
  7. All forms of payment information
  8. Billing address
  9. Contact telephone numbers
  10. All travel itinerary for specific PNR
  11. Frequent flyer information (limited to miles flown and address(es))
  12. Travel agency
  13. Travel agent
  14. Code share PNR information
  15. Travel status of passenger
  16. Split/divided PNR information
  17. E-mail address
  18. Ticketing field information
  19. General remarks
  20. Ticket number
  21. Seat number
  22. Date of ticket issuance
  23. No show history
  24. Bag tag numbers
  25. Go show information
  26. OSI information
  27. SSI/SSR information
  28. Received from information
  29. All historical changes to the PNR
  30. Number of travellers on PNR
  31. Seat information
  32. One-way tickets
  33. Any collected APIS (Advanced Passenger Information System) information
  34. ATFQ (Automatic Ticketing Fare Quote) fields

The new PNR deal's data fields

  1. PNR record locator code,
  2. Date of reservation/ issue of ticket
  3. Date(s) of intended travel
  4. Name(s)
  5. Available frequent flier and benefit information (i.e., free tickets, upgrades, etc.)
  6. Other names on PNR, including number of travelers on PNR
  7. All available contact information (including originator information)
  8. All available payment/billing information (not including other transaction details linked to a credit card or account and not connected to the travel transaction)
  9. Travel itinerary for specific PNR
  10. Travel agency/travel agent
  11. Code share information
  12. Split/divided information
  13. Travel status of passenger (including confirmations and check-in status)
  14. Ticketing information, including ticket number, one way tickets and Automated Ticket Fare Quote
  15. All Baggage information
  16. Seat information, including seat number
  17. General remarks including OSI, SSI and SSR information
  18. Any collected APIS information
  19. All historical changes to the PNR listed in numbers 1 to 18

More from Out-Law.com

Expertise in Confidential Information

Ideas, techniques and know-how can lie at the heart of a business. Pinsent Masons' international intellectual property team is dedicated to helping you to protect those intangible valuables that help you to stand out from your competitors.

More about Confidential Information