European Court Rules Airline Passenger Data Agreement Illegal

Europe’s top court ruled Tuesday that a deal to bulk transfer airline passengers’ personal data to the United States is illegal, a ruling that underscores the changing legal and moral framework for storing and sharing personal data.

The Court of Justice of the European Union, based in Luxembourg, has essentially struck down a 2004 agreement with the European Commission that gave U.S. law enforcement and other counterterrorism agencies access to some 34 different categories of passenger information on all airline flights departing from one of the 25 European Union member states.

Thus, the court sided with the European Parliament, which questioned the agreement concluded without its consent in the months following the terrorist attacks of September 11, 2001 on New York and Washington

However, the ruling stopped short of finding that the transfer of information relating to their data constituted a clear breach of the rights of European citizens, instead leaving the issue unanswered and likely to return to court if further complaints are lodged.

Back to the table

The data includes a wealth of information about the passengers, including their names, credit card numbers, home addresses and phone numbers, and details from their passports. The Bush administration argued that the data was necessary to track the movements of known or potential terrorists who might be planning further attacks.

The United States said the security of all Western nations was at risk, including U.S. allies and smaller European nations that lack robust counterterrorism infrastructure of their own, and threatened to revoke landing rights to airlines that did not cooperate.

The European Commission has agreed to share key data under a five-year deal that expires later this year. The court’s ruling gives the Commission four months to reach a new agreement, while the current framework remains in place until then.

The court found that the original agreement did not take into account fundamental principles of European law.

In a statement, the European Commission said it was still analyzing the consequences of this ruling.

“The Commission will now work with other parties to find a solution that provides effective action against terrorism and protects fundamental rights,” the statement said. “The ruling ensures that there is no lowering of data protection standards, no impact on passengers, no disruption to transatlantic air travel and that high levels of security are maintained.”

Millions of passenger records are at stake. The United States is particularly interested in travelers from Europe because they account for almost half of all international visitors to the country, and almost 10 million annual air visits originate in Europe.

Quick changes

Following the ruling, European lawmakers said any talks on a new agreement would have to take into account increased sensitivity to the privacy rights of European citizens.

Critics question whether U.S. authorities can guarantee the security of data once they receive it, a point undoubtedly reinforced by the recent discovery that the personal information of millions of veterans of the U.S. armed forces was compromised when a Veterans Affairs employee’s laptop was compromised. stolen from his house.

The debate over data has become much broader and more intense in recent weeks, following revelations that the National Security Agency may have worked with major telecommunications companies in recent years to provide the agency with records of millions of phone calls to help it combat terrorist efforts. .

“Companies’ ability to store and manipulate data has exploded so quickly that little time has been spent figuring out whether or how to do it,” Gartner analyst Avivah Litan told the E-Commerce Times. Today, many issues that were once theoretical questions now play out in real-world scenarios. “In some ways, the world is catching up technologically.”