Legal base	(a) Articles 29, 30(1)(b) and 34(2)(b) EU; consultation; unanimity (b) —
Deposited in Parliament	(b) 10 December 2008
Department	Home Office
Basis of consideration	EM of 5 January 2009
Previous Committee Report	(a) HC 16-xxi (2007-08), chapter 7 (14 May 2008), HC 16-xviii (2007-08), chapter 4 (2 April 2008), HC 16 -xiii (2007-08), chapter 5 (27 February 2008), HC 16-vii (2007-08) chapter 7 (9 January 2008) (b)None
To be discussed in Council	No date set
Committee's assessment	Legally and politically important
Committee's decision	(a) not cleared (b) cleared

Background

11.1 The data collected by airlines in the operation of their computerised reservation and ticketing systems is known as the Passenger Name Record.[62] The draft Framework Decision on the use of PNR data for law enforcement purposes (document (a)) prescribes obligations relating to the handling of PNR data for the purposes of preventing and combating terrorist offences and organised crime.

11.2 We have considered the draft Council Framework Decision on the use of Passenger Name Record (PNR) data for law enforcement purposes (document (a)) on a number of occasions, most recently on 14 May 2008. When we considered the proposal on 14 May 2008 we noted that negotiations were still at an early stage, with the major issues of the scope of the proposal and the treatment of sensitive personal data not having been discussed in any detail. Whilst we welcomed the Minister's agreement with some of the concerns expressed by the Information Commissioner and the Article 29 Data Protection Working Party,[63] notably that the "push"[64] method was preferable to the "pull"[65] method and that data retention periods should be proportionate. We also recalled a number of other serious criticisms of the proposal made by the Article 29 Working Party such as the absence of any justification of a pressing need to collect data other than API data,[66] the excessive amount of personal data to be transferred by carriers, the need for the data controller to filter sensitive data and the unsatisfactory nature of the data protection regime. We noted that each of these criticisms had been strongly supported by the Information Commissioner and we looked forward to a further account by the Minister in due course as to how these concerns were being addressed.

The report on thematic work carried out from July to November 2008

11.3 The report (document (b))records the results of consultations carried out during the French Presidency. These have been conducted by a 'Multidisciplinary Group ' (MDG) which has sought views from air transport operators, the EU counter-terrorism coordinator, PNR specialists in the police and customs services of the Member States, the Agency for Fundamental Rights, the European Data Protection Supervisor and the European Parliament.

11.4 The results of these consultations are summarised under the headings of; the need for a European PNR instrument, the creation of a decentralised system (rather than one centralised system at EU level), the technical and financial constraints, and the effective and transparent processing of PNR data in accordance with fundamental rights. A final section of the report deals with the outstanding issues of the use of sensitive personal data, the period within which data may be held and the exchange of bulk data.

11.5 The report records general agreement by the relevant services with experience on PNR that the establishment of a PNR database can be useful for customs services in relation to drug trafficking and trafficking in human beings and the smuggling of counterfeit goods and that for police services it may provide information about offenders' behaviour such as itineraries and frequencies of journeys, with opportunities "to analyse behavioural tendencies in criminal circles" in order to prevent and detect crime. The report argues that a European PNR system would facilitate the alignment of technical systems in the Member States and would encourage the exchange of good practice as well as contributing to effective cooperation between law enforcement authorities and the application of common standards of data protection.

11.6 The report notes that the "vast majority" of delegations reject the approach of having a centralised system of PNR at EU level and prefer the establishment of databases at national level which are able to contribute to domestic security and to respond to the needs of other Member States. The report also notes that a "consensus is focusing" on the coverage of air travel between the EU and third States (including transit within Europe) for the purposes of preventing, detecting, investigating, prosecuting and punishing terrorism and "of a group of other serious offences to be defined by reference to the list in the Framework Decision on the European Arrest Warrant". The report also states that it is preferable to provide for the systematic transmission of PNR data for all flights, rather than selected flights. The system should also allow national systems to continue to use PNR data for their own purposes such as combating illegal immigration or protecting public health, and to cover means of transport other than aircraft.

11.7 The report states that technical and financial constraints on the transport business should be kept to a strict minimum, with no obligation being imposed on air carriers to collect data, but only an obligation to transmit data they have already collected for their own commercial purposes. The list of data collected and technical transmission protocols should follow international standards set by the International Civil Aviation Organization and applied by IATA, with transmission taking place only twice, 48 hours before take-off and on flight closure. The report notes that the "push" method "can easily be retained" with a transitional period granted to airlines to bring their systems up to date and with a single set of data protection arrangements applying whether the data is transmitted for commercial purposes or to public authorities.

11.8 As far as the effective and transparent processing of PNR data is concerned, the report notes a consensus that the members of a Passenger Information Unit (PIU) which would be set up in each Member State should belong to a public authority of the Member State in question, and that storage of the raw data in a secure database was far preferable to allowing such data to be transmitted to external entities. The report also draws attention to the need to separate the responsibilities of the PIU from those of competent national law enforcement authorities. The PIU would be concerned essentially with data collection and analysis, with the competent authorities responsible for determining criteria for selecting flights for risk analysis and taking decisions on measures to be taken in the light of the data. The further processing of PNR data would fall into two main categories. First are "strategic analyses" to identify those passengers likely to pose a risk. According to the report, the operations which support these analyses should be precisely defined, on account of legitimate concerns raised by the concept of profiling[67] and notes that "practitioners displayed a lack of interest in purely speculative searches such as those carried out for commercial purposes : they have neither the need nor the time to perform such searches". Any analysis should be based on criteria founded on objective factors previously established by the competent authorities of the Member States "which make it reasonable to suppose that the persons identified by these factors are or could be involved in the preparation or commission of an offence". The second category of further processing concerns specific searches carried out in response to specific queries within the framework of an investigation conducted by the competent authorities.

11.9 In its treatment of fundamental rights, the report notes that the option of the sole use of the "push" method "can easily be retained" and that the list of data to be transmitted could be reduced compared with the original proposal since it is not deemed necessary to include information relating to unaccompanied minors. The report also notes that there should be uniform data protection provisions applying to all transmissions of data whether for commercial purposes or to public authorities and that such provisions should comply, at the very least, with the Council of Europe Convention of 28 January 1981. The report also calls for external supervision by independent authorities and for any exchanges of data to comply with the rules of the Framework Decision on data protection and that clear rules should be adopted to exclude arbitrary or discriminatory treatment, with no risk assessment criterion being based on a person's race or ethnic origin, religious belief, political opinion, trade union membership or health or sexual orientation. The report also states that any instrument should provide for verification of the lawfulness of requests received by a PIU, for the "traceability" of all access to the PNR database, for rectification and erasure of data, measures on data security and means of informing passengers of their rights to rectification and erasure.

11.10 The report notes a number of issues which have not been discussed in sufficient detail. These include the treatment of sensitive personal data which may be entered by the airline in a passenger's PNR file in order to improve his comfort on board and which may reveal religious adherence or a state of health.[68] The report also notes that it has proved difficult to reach agreement on a harmonised data retention period, but that on the basis of exploratory discussions a compulsory data retention period could be set at 3 years with a supplementary data retention period of between 3 and 7 years, making for a total data retention period of between 6 and 10 years.

The Government's view

11.11 In her Explanatory Memorandum of 5 January the Parliamentary Under-Secretary of State at the Home Office (Meg Hillier) explains that the Government welcomes the proposal by the French Presidency to broaden the scope of the EU PNR Framework Decision to include the use of PNR data to combat serious crime, but that the scope of the EU PNR instrument should be flexible enough to cover differing national priorities, including for the UK the ability to use PNR data for immigration purposes. The Minister also welcomes the solution proposed by the report that the processing of PNR data on intra-EU flights or from other modes of transport should not restricted by the instrument.

11.12 The Minister explains that the Government does not agree with the systematic (100%) collection of PNR data from all routes into the EU, as suggested in the report. The Government does not believe this to be necessary or proportionate, and advocates a targeted approach to the collection of PNR such as that envisaged by the Government's e-Borders programme, adding that by 2013 the Government aims to collect PNR data on 100 million passenger movements per year which will account for about one third of all air passenger movements.

11.13 The Minister adds that the Government supports the suggestion made in the report that there should be a gradual phasing-in of the PNR system with a review clause to permit the discussion of the systematic collection of data once Member States have acquired some experience of operating the system, and believes that such provision should be made if the systematic collection of data remains a principle in the text of the Framework Decision.

11.14 The Minister also comments that the Government believes that the burdens on carriers should be minimised and advocates a flexible approach with the first 'push' of data to the PIU taking place within 24 to 48 hours of departure. The Minister adds that the Government also agrees with the proposal to make clear a distinction between the PIU and competent authorities, but argues that it should be for members of the PIU to be able to set risk profiles based on intelligence received in the PIU on patterns of behaviour that could indicate individuals of a higher risk, noting that the French Presidency's report limits the ability to set profiles to members of a competent authority.

Conclusion

11.15 The French Presidency's report is plainly a detailed and helpful analysis of the issues raised by the proposal for an EU Framework Decision on the processing of the Passenger Name Record. We note the Government's position on some of these issues, and we shall look forward to examining these further when we consider further negotiations on the proposal.

11.16 We clear the report (document (b)) but shall hold the draft Framework Decision (document (a)) under scrutiny, pending a reply by the Minister to our earlier report.

63   An independent advisory body on data protection and privacy established under Article 29 of Directive 95/46/EC. Back

64   A system whereby the carrier provides the data from his database. Back

65   A system whereby the data is extracted by a third party form the carrier's database. Back

66   See footnote 62. Back

67   As to which see 21^st Report (2006-07) of the House of Lords European Union Committee, paragraph 16 where data profiling is defined as "the determination of characteristics of combinations of characteristics which might identify someone or something as potentially worth investigation". Back

68   Examples would include a passenger's dietary requirements or whether there is any disability. Back