1 Use of Passenger Name
Records for law enforcement purposes
(32492)
6007/11
COM(11) 32
+ ADD 1
+ ADD 2
| Draft Directive on the use of Passenger Name Record data for the prevention, detection, investigation and prosecution of terrorist offences and serious crimes
Commission staff working paper: Impact Assessment
Commission staff working paper: Summary of Impact Assessment
|
Legal base | Articles 82(1)(d) and 87(2)(a) TFEU; co-decision; QMV
|
Document originated | 2 February 2011
|
Deposited in Parliament | 4 February 2011
|
Department | Home Office
|
Basis of consideration | EM of 16 February 2011
|
Previous Committee Report | None; but see HC 428-xi (2010-11), chapter 21 (15 December 2010), HC 19-xiii (2008-09), chapter 4 (1 April 2009), HC 19-xxi (2008-09), chapter 3 (24 June 2009) and HC 19-xxix (2008-09), chapter 4 (28 October 2009)
|
To be discussed in Council | 24-25 February 2011
|
Committee's assessment | Legally and politically important
|
Committee's decision | Not cleared; further information requested; opt-in decision for debate in European Committee B
|
Background
1.1 Passenger Name Record (PNR) data is the term used to describe
unverified information provided by passengers when making a flight
reservation and checking-in and boarding a flight and which is
held in the air carrier's reservation and departure control systems.
It includes personal information about the passenger, such as
name and contact details and the means of payment used, as well
as travel dates and itinerary, when and where the flight was booked,
the seat number and baggage information.
1.2 An increasing number of countries have come to
regard PNR data as an additional tool to help prevent, detect,
investigate and prosecute terrorist or other serious criminal
offences and therefore require air transport carriers to transmit
the PNR data they collect on their passengers to the competent
law enforcement authorities. This has led the EU to conclude agreements
with the United States, Canada and Australia in order to enable
carriers operating flights from the EU to comply with this requirement.
The Commission anticipates that more third countries will seek
to conclude PNR agreements and so, last September, it suggested
that the EU should develop a "global approach" on the
transfer of PNR data to third countries, based on a set of common
criteria designed to ensure the effective protection of personal
data, rather than concluding agreements on a case-by-case basis.[1]
1.3 Within the European Union, the UK already has
a PNR system (called "e-Borders") and some other Member
States are developing their own, but there is no overarching EU
framework establishing common rules for the collection of PNR
data and its use by Member States. An attempt was made, in 2007,
to agree an EU Framework Decision but the Commission's proposal
was criticised by the European Parliament, European Data Protection
Supervisor and the EU Fundamental Rights Agency for providing
insufficient data protection safeguards and it lapsed with the
entry into force of the Lisbon Treaty on 1 December 2009.
1.4 In the Stockholm Programme establishing the EU's
priorities in the Area of Freedom, Security and Justice for the
period 2010-14, the European Council calls on the Commission to
put forward a proposal to establish an EU PNR system for the purpose
of preventing, detecting, investigating and prosecuting terrorist
offences and serious crime while also ensuring a high level of
data protection.
The draft Directive
JUSTIFICATION FOR AN EU PNR REGIME
1.5 The Commission says that terrorist and other
serious criminal activity, such as trafficking in human beings
and drugs, often involves international travel or has a transnational
character. Existing EU mechanisms for the collection and exchange
of personal data between law enforcement authorities, such as
the Schengen Information System (SIS), Visa Information System
(VIS) and the Directive on Advance Passenger Information (the
API Directive)are mainly used to verify identity and to
manage the EU's external border. So, for example, the API Directive
allows biographical information taken from the machine-readable
part of a passport (name, place of birth and nationality, passport
number and expiry date) to be made available to border control
authorities, primarily for immigration control purposes. SIS,
VIS and API do not provide sufficient raw data to enable law enforcement
authorities to make an assessment of passengers travelling to
or from the EU or to detect as yet unknown criminals or terrorists.
By contrast, PNR data are used primarily as a criminal intelligence
tool:
- to investigate and prosecute
a crime after its commission (reactive use);
- to check PNR data against pre-determined assessment
criteria in order to identify a previously unknown suspect, or
to check the data against databases of wanted individuals or objects
(real-time use); and
- to analyse the data as a means of establishing
objective assessment criteria to help law enforcement authorities
screen passengers who may present a security risk prior to their
arrival or departure (pro-active use).
1.6 The Commission believes that the more systematic
collection, use and retention of PNR data would strengthen the
capacity of law enforcement authorities to tackle terrorism and
serious crime. It says that the lack of harmonised EU rules creates
a risk of fragmentation as an increasing number of Member States
adopt their own national measures which diverge on such matters
as the scope and purpose of the PNR system, the length of time
for retaining PNR data, the modes of transport covered and standards
of data protection and security. According to the Commission,
these differences are likely to result in "security gaps,
increased costs and legal uncertainty for air carriers and passengers
alike."[2]
1.7 The Commission says that it has consulted a range
of stakeholders, including national data protection authorities,
the European Data Protection Supervisor and representatives of
the airline industry and acknowledges that "several"
remain to be convinced of the need to use PNR data. The Commission
adds, however, that "all agreed that legislation at EU level
is preferable to the development of diverging national PNR systems."[3]
It says that the scope of the draft Directive is limited to those
elements that require a harmonised EU approach, "including
the definition of the ways in which PNR can be used by the Member
States, the data elements that need to be collected, the purposes
for which the information may be used, the communication of the
data between the PNR units of the Member States, and the technical
conditions for such communication."[4]
The Commission adds that it has chosen a "decentralised system"
which gives Member States a degree of flexibility in determining
how to set up their PNR system.
CONTENT OF THE DRAFT DIRECTIVE
1.8 The main elements of the draft Directive are
as follows:
- each Member State would have
to establish a Passenger Information Unit to collect, store and
analyse PNR data provided by air carriers and to transmit the
results of its analysis to the competent national authorities
responsible for the prevention, detection, investigation or prosecution
of terrorist and other serious criminal offences (Article 3);
- the reference to "serious crime" means
those offences listed in Article 2(2) of the Framework Decision
establishing the European Arrest Warrant which are punishable
by at least 3 years' imprisonment (but subject to a proportionality
test to exclude the processing of PNR data relating to minor offences);[5]
- the reference to "terrorist offences"
means those offences referred to in Article 1 of the Framework
Decision on combating terrorism (Article 2);[6]
- Member States would be required to identify the
competent national authorities entitled to request or receive
PNR data (including the results of processing of that data) from
their Passenger Information Units and to ensure that those authorities
may not take any decision based solely on the automated processing
of PNR data which has an adverse legal effect on, or significantly
affects, an individual (Article 5);
- Member States would be required to introduce
measures ensuring that air carriers transfer PNR data already
collected by them to the database of the national Passenger Information
Unit in the Member State where the flight will land or depart
(Article 6);
- air carriers would be required to transfer PNR
data by electronic means in two stages, the first between 24 and
48 hours before the scheduled flight departure time and the second
immediately after all passengers have boarded and the flight has
closed (Article 6);
- where there is a "specific and actual threat
related to terrorist offences or serious crime", a Passenger
Information Unit may (in accordance with national law) require
air carriers to transfer PNR data earlier (Article 6);
- the obligation to transfer PNR data would only
apply to "international flights" between an EU Member
State and a third country, not to flights within the EU (Articles
1 and 2);
- the Passenger Information Unit would only be
able to process PNR data for the following purposes (Article 4):
- to carry out an assessment
of passengers prior to their arrival or departure by processing
PNR data against pre-determined criteria, in order to identify
whether any passenger may be involved in a terrorist offence or
serious transnational crimethe assessment criteria would
be established by the Passenger Information Unit, should be applied
in a non-discriminatory manner, and should "in no circumstances
be based on a person's race or ethnic origin, religious or philosophical
belief, political opinion, trade union membership, health or sexual
life";
- to carry out an assessment of passengers prior
to their arrival or departure, in order to identify whether any
passenger may be involved in a terrorist offence or serious crime,
by checking the PNR data against relevant databases containing
information on wanted individuals or objects;
- in response to a duly reasoned request from a
competent national authority to provide and/or process PNR data
in specific cases relating to a terrorist offence or serious crime;
and
- to analyse PNR data in order to update or to
create new assessment criteria to help identify individuals who
may be involved in terrorist offences or serious transnational
crime.
- Member States would be required
to ensure that, where an assessment carried out by the Passenger
Information Unit produces a positive match, it would have to be
individually reviewed by non-automated means in order to verify
whether there is a need for the competent national law enforcement
authority to take action against a particular individual (Article
4);
- PNR data provided by air carriers to the appropriate
Passenger Information Unit would be held for 30 days from the
date of transfer; after 30 days, the PNR data would be retained
for a further period of five years in an "anonymised"
form (so that the identity of the individual to whom the data
relates is masked) and only the Head of each Passenger Information
Unit would be entitled to authorise access to the full PNR data;
thereafter, PNR data held by the Passenger Information Unit would
have to be deleted (Article 9);
- Passenger Information Units may exchange PNR
data and/or the results of processing of that data in the following
circumstances (Article 7):
- where a Passenger Information
Unit in one Member State conducts an assessment of passengers
prior to their arrival or departure which identifies an individual
who may be involved in a terrorist or other serious criminal offence,
it shall send the data to Passenger Information Units in all other
Member States if it considers the transfer of data is necessary
for the prevention, detection, investigation or prosecution of
the offence;
- where a Passenger Information Unit deems it necessary,
in order to prevent, detect, investigate or prosecute a specific
case involving terrorism or serious crime, it has a right to request
PNR data from a Passenger Information Unit in another Member State;
if the data requested have already been anonymised, a Passenger
Information Unit in another Member State may only obtain access
to specific PNR data in their full form in exceptional circumstances,
where there is a specific threat or specific investigation or
prosecution related to a terrorist or serious criminal offence;
- exceptionally, a Passenger Information Unit in
one Member State may request early access to PNR data collected
by a Passenger Information Unit in another Member State where
necessary to respond to a specific and actual threat concerning
terrorism or serious crime;
- where a competent national
authority wishes to obtain access to PNR data held by a Passenger
Information Unit in another Member State, it should channel its
request through its own Passenger Information Unit, but it may
request direct access if it can demonstrate that the PNR data
requested relates to a specific investigation or prosecution of
a terrorist or serious criminal offence and is necessary to prevent
an immediate and serious threat to public security (Article 7);
- PNR data may only be transferred to a third (non-EU)
country where necessary to prevent, detect, investigate or prosecute
terrorist or other serious criminal offences and the third country
provides an adequate level of data protection (Article 8);
- Member States would be required to ensure that
the processing of PNR data complies with the Framework Decision
on data protection[7] as
regards the rights of the data subject and the confidentiality
and security of data processing, and to make provision for their
national data protection supervisory authorities to advise on,
and monitor the application of, the Directive (Articles 11 and
12) ;
- the Directive would expressly prohibit the processing
of PNR data revealing an individual's race or ethnic origin, religious
or philosophical belief, political opinion, trade union membership,
health or sexual life, as well as the transfer of PNR data to
any private parties (Article 11);
- all processing and transfer of, or requests for,
PNR data should be logged in order to ensure appropriate checks
as to the lawfulness of data processing (Article 11);
- passengers on international flights should be
informed of the collection and use made of PNR data and of their
right to make a complaint (Article 11);
- Member States, when implementing the Directive,
would be required to make provision in national law for "dissuasive,
effective and proportionate penalties" in the event that
air carriers fail to transmit PNR data (Article 10);
- the Commission would establish "common protocols
and supported data formats" by means of a comitology procedure;
these would be mandatory for all transfers of PNR data one year
after their introduction (Article 13);
- Member States would be required to ensure that
PNR data of at least 30% of all flights are collected and transferred
by air carriers no later than two years after the date on which
the Directive enters into force; this should increase to 60% by
the end of the next two-year period, and to 100% after six years
(Article 16);
- Member States would be required to provide the
Commission with statistical information on the use of PNR data
each year, including how many times it has resulted in the identification
of individuals involved in terrorism or other serious crime and
the number of law enforcement actions which have involved the
use of PNR data per air carrier and destination (Article 18);
and
- the Commission should, within two years of the
date on which the draft Directive enters into force, report to
the Council and European Parliament on "the feasibility and
necessity of including internal flights in the scope of the Directive,"
drawing on the experience gained by those Member States that already
collect PNR data for internal (intra-EU) flights; and, within
four years, report on the operation of the Directive as a whole,
notably the data protection elements and the quality of the assessments
based on PNR data (Article 17).
RESPECT FOR FUNDAMENTAL RIGHTS
1.9 The Commission says that the draft Directive
has been subject to "in-depth scrutiny to ensure that its
provisions are compatible with fundamental rights" and with
the principle of proportionality. It highlights the following
safeguards;[8]
- the draft Directive complies
with the 2008 Framework Decision on the protection of personal
data processed for the purpose of police and judicial cooperation
in criminal matters;
- the scope of the draft Directive is "strictly
limited and law enforcement authorities are allowed to use PNR
data only for the purpose of combating an exhaustive list of specified
serious crimes";
- the creation and application of assessment criteria
based on PNR data is limited to the identification of passengers
who may be involved in terrorism or serious transnational crime;
- the retention of PNR data is limited to five
years, and the data must be anonymised after 30 days;
- the collection and use of sensitive data revealing
an individual's race or ethnic origin, religious or philosophical
belief, political opinion, trade union membership, health or sexual
life is prohibited;
- decisions which have adverse legal effects or
otherwise significantly affect an individual must not be taken
solely on the basis of automated processing of PNR data;
- Member States have no direct access to air carriers'
IT systems;
- the circumstances in which PNR data may be transferred
to third countries are limited and must be determined case-by-case;
- Member States are required to ensure that independent
national data protection supervisory bodies can advise on and
monitor the processing of PNR data;
- each Passenger Information Unit is responsible
for logging and documenting the processing of PNR data to ensure
that compliance with data protection rules can be verified; and
- air passengers must be informed about the collection
of PNR data and their rights.
LEGAL BASE
1.10 The draft Directive is based on Articles 82(1)(d)
and 87(2)(a) of the Treaty on the Functioning of the European
Union (TFEU) which provide for EU measures to facilitate cooperation
between judicial or equivalent authorities in Member States in
relation to criminal matters and between police and other law
enforcement services, including by means of the collection, storage,
processing, analysis and exchange of relevant information.
The Government's view
1.11 The Minister of State for Immigration (Damian
Green) says that the use of PNR data is "a proven and vital
tool for the prevention and detection of serious crime and terrorism"
and that the Government strongly supports an EU-wide PNR system.
He believes that EU action is justified because:
"If Member States were to act in this area unilaterally,
then this could lead to differing requirements being imposed on
carriers across the EU. It could also frustrate the success of
such a system if there is no clear legal basis for passenger data
to be transferred from a carrier in one Member State to the passenger
information unit in another Member State."[9]
1.12 He notes, however, that the draft Directive
does not cover air travel between EU Member States and says that
the Government
"strongly believes that the ability to collect
and process PNR data on intra-EU travel flights is vital to improving
security and fighting crime within the EU and beyond.
"The volume of journeys between Member States
is three times greater than between Member States and third countries.
A PNR system that provides cover only for travel to and from third
countries would seriously limit Member States' ability to tackle
criminal activity.
"Not collecting PNR on intra-EU routeswhile
at the same time collecting PNR on extra-EU routesserves
simply to displace rather than address the risk. This cannot be
the intended consequence of a PNR Directive."[10]
1.13 The Minister explains that UK law already makes
provision for carriers to provide travel-related data for immigration,
customs or police purposes. He says that, under the UK's e-Borders
system, advance passenger information (API) data is automatically
screened against watch-lists to enable early identification of
individuals known to be of interest for immigration, customs or
law enforcement purposes, for example those for whom a European
Arrest Warrant has been issued. Because PNR data is more comprehensive
than API data, it is "an essential supply of data for the
security, intelligence and law enforcement agencies for investigations
and operations, and is used for automated rules-based targeting
to identify unknowns; those potentially involved in terrorist
and other criminal activity."[11]
The Minister continues:
"The greatest benefits of e-Borders are realised
when API data is processed in conjunction with PNR data. For example,
if a known terrorist suspect is identified (via the watch-listing
of API data) as intending to travel, PNR data is checked to identify
whether there are unknown associates also intending to travel.
Using these two datasets in parallel enables e-Borders and other
agencies to identify a greater proportion of those individuals
that pose a risk to the UK and other nations worldwide. PNR data
can be operationally valuable in deciding whether or how to intervene;
for example, notes indicating that the reason for travel is due
to a sudden death in the family. PNR data is also used retrospectively,
for example to create travel histories and to identify useful
additional data that supports investigations."[12]
1.14 The Minister notes that the draft Directive
is subject to the UK's Title V opt-in and that the UK has until
2 May to decide whether or not to opt in. In reaching a decision,
he says that the Government will need to consider the views of
the UK's devolved administrations and Gibraltar, as well as the
likelihood of the Directive being amended to meet the UK's policy
objectives. These include:
- extending the scope of the
Directive to include:
- intra-EU flights; and
- the processing and use of PNR data for all terrorist
or serious criminal offences, not limiting it in certain circumstances
to those which have a transnational element;
- extension of the retention
period for PNR data so that it is sufficient to allow Member States
to "use it proactively to establish travel and behaviour
patterns", while also ensuring that it remains proportionate;
and
- allowing the use of sensitive data in exceptional
circumstances, as "[t]he UK has found that the use of sensitive
personal data can help improve the quality of interventions and
believes that ruling this out would be unhelpful and unwelcome."[13]
1.15 The Minister notes also that, if the UK were
to decide to opt in, it would be necessary to amend UK law in
order to ensure that PNR data could only be processed and used
for the purposes specified in the Directive, which do not include
immigration. He does not expect the draft Directive to have additional
financial implications for the UK Government, but considers that
it is likely to involve extra data transmission costs for UK-based
air carriers which may be passed on to air passengers.
1.16 Finally, the Minister provides an analysis of
the implications of the draft Directive for fundamental rights
and concludes that any interference with the right to respect
for private and family life and the right to protection of personal
data is necessary and proportionate. He believes that the prohibition
on the processing and use of sensitive data ensures respect for
the principle of non-discrimination.
Conclusion
1.17 As the Minister acknowledges, the draft Directive
would interfere with individuals' rights to privacy and to the
protection of their personal data. The issue, therefore, is whether
such interference is justified in light of the objectives of the
proposal to enhance internal security within the European Union.
1.18 We note that Article 16 of the draft Directive
requires Member States to ensure that PNR data from all international
flights are collected within six years of the Directive entering
into force. When our predecessors considered a similar provision
in the Commission's 2007 proposal for a Framework Decision on
the use of PNR for law enforcement purposes, they suggested that
a blanket obligation to collect PNR data from all flights was
unnecessary and disproportionate on the grounds that it might
tip the balance between a legitimate and an illegitimate interference
with the right to privacy and protection of personal data.[14]
We should be grateful if the Minister could explain, first, whether
the UK's e-Borders system requires air carriers to transmit PNR
data on all flights to and from the UK and, second, whether the
Government considers that it is appropriate for the draft Directive
to require Member States to ensure blanket coverage of all international
flights to and from the EU, rather than allowing Member States
some operational flexibility, and whether such an obligation is
necessary and proportionate.
1.19 We note also that the Minister's analysis
of the implications of the draft Directive for fundamental rights
is based on the proposal as currently drafted. However, some of
the changes which the Minister says the Government would seek
if it decided to opt into the draft Directive would appear to
reduce the level of personal data protection, for example, by
extending the retention period for PNR data and permitting the
use of sensitive data in exceptional circumstances. We therefore
ask the Minister to tell us whether he has consulted the Information
Commissioner on the content of the draft Directive, as well as
on the changes sought by the Government, and to inform us of his
views.
1.20 The Minister says that the Government believes
that PNR data should be used to prevent all serious crime, regardless
of any transnational dimension. However, the Commission says that
the transnational nature of terrorism and serious organised crime
is one of the main reasons for taking action at EU level. The
Commission also says in its analysis of the impact of the draft
Directive on fundamental rights that the requirement for a transnational
element in certain circumstances helps to limit the processing
of PNR data to cases "intrinsically linked to travelling"
and so is less intrusive. We would welcome the Minister's views
on both points.
1.21 Finally, we note that recital 28 of the draft
Directive says that "the Directive does not affect the possibility
for Member States to provide, under their domestic law, for a
system of collection and handling of PNR data for purposes other
than those specified in this Directive, or from transportation
providers other than those specified in the Directive, regarding
internal flights subject to compliance with relevant data protection
provisions, provided that such domestic law respects the Union
acquis." We would find it helpful if the Minister
could tell us what implications a decision to opt into the draft
Directive would have for the UK's ability:
- to collect and use PNR data for intra-EU flights;
and
- to collect and use PNR data for immigration
purposes.
1.22 It is evident that the draft Directive may
have important implications for the UK's existing e-Borders system.
We think, therefore, that the Government's decision specifically
on whether or not to opt into the proposal, should be debated
in European Committee B. The draft Directive itself remains under
scrutiny and we look forward to receiving the Minister's response
to the questions we have raised, as well as progress reports on
the negotiations.
1 See (31960) 13954/10: HC 428-xi (2010-11), chapter
21 (15 December 2010). Back
2
Seepage4oftheCommission'sexplanatorymemorandumaccompanyingthedraftDirective. Back
3
Seepage10oftheCommission'sexplanatorymemorandumaccompanyingthedraftDirective. Back
4
Seepages12-13oftheCommission'sexplanatorymemorandumaccompanyingthedraftDirective. Back
5
CouncilFrameworkDecision2002/584/JHA,OJLNo.190,p.1,18.07.2002. Back
6
Council Framework Decision 2002/475/JHA, OJ L No. 164, p.3, 22.06.2002. Back
7
Council Framework Decision 2008/977/JHA, OJ L No. 350, p.60, 30.12.2008. Back
8
See page 8 of the Commission's explanatory memorandum accompanying
the draft Directive. Back
9
Seeparagraph22oftheMinister'sExplanatoryMemorandum. Back
10
Seeparagraphs24-26oftheMinister'sExplanatoryMemorandum. Back
11
Seeparagraphs27-28oftheMinister'sExplanatoryMemorandum. Back
12
Seeparagraph29oftheMinister'sExplanatoryMemorandum.
Back
13
See paragraphs 30-34 of the Minister's Explanatory Memorandum.
Back
14
See (30385) 5618/09 (30651) 5618/1/09: HC 19-xxi (2008-09), chapter
3 (24 June 2009) and (30385) 5618/09: HC 19-xiii (2008-09), chapter
4 (1 April 2009). Back
|