The personal details of hundreds of millions of passengers travelling in and out of the European Union will soon be routinely logged and stored by airlines for up to five years, under draft rules agreed by the European Parliament.
The new law, which was approved by MEPs last week, is designed to help with the fight against serious transnational crime and terrorism. But critics say it will result in the mass harvesting of innocent people’s data, including everything from their home addresses and credit card details to their dietary requirements and seat numbers.
The necessity of the new scheme has already been questioned by Giovanni Buttarelli, the European Data Protection Supervisor, who said he was uncomfortable with the idea of mass surveillance and that targeting specific categories of flights, passengers and countries may be more effective. He is set to give a formal opinion on the law in September.
“If this summer, if you fly to Sardinia, do you think this information is essential for the prevention of terrorism? I’m still waiting for the relevant evidence to demonstrate, even in terms of the amount of money, and years to implement this system, how much it is essential,” Mr Buttarelli told the EU Observer website.
The new law, known as the EU Passenger Name Record (PNR) directive, has been under discussion since 2011 and has already been rejected by MEPs once. But it was revived following the terrorist attacks in Paris and Copenhagen and was narrowly approved by the European Parliament’s Civil Liberties Committee after numerous safeguards were added.
Facebook privacy settings you should know about
Facebook privacy settings you should know about
1/6 Change who sees your posts.
Anything you post on Facebook - from a status update to a photo - can be given its own privacy setting. 'Public' means that the information can be found via Google, or you can create custom groups of friends (http://ind.pn/1bVJJ2H) to share info with. Remember: whatever setting you last choose will become default until you change it again.
2/6 Check what your friends are sharing about you.
Sometimes it's not you, but your friends that give information away. Follow this link to see the information that your friends might be sharing with third party apps - http://ind.pn/1bVVar6. Click the 'edit' option to the right of 'Apps other use' and un-tick every category of info you don't want to share. There's also an option above labelled 'Apps you use' that lets you select which apps can use your Facebook data elsewhere on the web. Don't trust them? Click the little cross on the right.
3/6 Hide old posts.
If you're keen to make your Facebook past more private, limiting who can see your old posts should be your first step. Follow this link - http://ind.pn/1bVK7hv - and click 'Limit The Audience for Old Posts on Your Timeline'. You can make all of these old photos and stats updates vieweable to the public, friends only, or just yourself. From this page you can also change who can send you messages and friend requests.
4/6 Create friend lists.
Since September 2011 Facebook has let you create different 'lists' of friends in order to let you separate what your close buddies and your work colleagues see. Facebook can give you a head start by suggesting lists based on who you went to school with and where people live - and you can even choose to browse a News Feed populated only by a certain list. Follow the link below for a full guide: http://ind.pn/1bVPu0d
5/6 Limit adverts.
Pages you like will sometimes be used by Facebook to endorse a product to your friends. If you don't wnat these to show up head to this page - http://ind.pn/1j6Mc2b - select "Pair my social actions with adverts for no one" and click Save Changes.
6/6 Check your profile.
If you're still worried about which of your photos or posts are visible to people you can check what the public (or any specific individual) sees when they click on your profile. View your profile by clicking on your namem then click the cog in the bottom right hand corner of your cover photo, then select 'View as...'
A rise in the number of Europeans travelling to Syria and Iraq to join the Islamic State terrorist group has increased the pressure on the European Parliament to act. The rules will only apply to passengers booked on flights originating outside the EU, or those departing for countries outside the bloc. The information will only be accessed if a serious crime is suspected, such as human and drug trafficking, child sexual exploitation or money laundering as well as terrorism.
Each passenger’s data will be stored on a central database for 30 days, before being redacted so they are no longer identifiable. However, the information will be retained for up to five years and can be “unmasked” after a request by authorities. After five years, it will be permanently deleted.
Timothy Kirkhope, the Conservative MEP for Yorkshire and The Humber who played a key role in drafting the new rules, told The Independent that the committee had introduced “a hell of a lot” of safeguards to ensure the protection of passenger data, which he was confident would meet the approval of Mr Buttarelli.
“This is a vitally important tool in terms of dealing with the threats we get now, not only from terrorists, but also from major criminals,” he added. “The media has tended to concentrate on the issue of ‘foreign fighters’ or terrorists, which is a relevant factor, but it’s not the only one – it may not even be the major one.”
The UK already operates its own PNR system, which records the details of passengers flying into and out of the country. But Mr Kirkhope said this was “not adequate” to deal with cross-border threats, which may require the rapid exchange of information between police forces.
The EU data collection scheme already has the backing of both David Cameron and Theresa May, the Home Secretary, who are keen to go one step further and make the law apply to all European flights. Talks with national governments will now be held before the EU PNR comes into force, likely to be at the end of the year.
Civil liberties groups raised concerns about the plans. “The indiscriminate collection of sensitive and highly personal details of any individual flying in or out of the EU continues to raise concerns despite the approval of the Civil Liberties and Justice Committee,” said Renate Samson, chief executive of Big Brother Watch.
“That the data of all passengers can be stored for up to five years on a centralised, searchable database continues to run the risk of contradicting EU data retention laws, particularly with regards to the violation of privacy.”
Explainer the EU passenger name record directive
The EU Passenger Name Record directive was approved by the European Parliament’s Civil Liberties Committee last week, after an earlier draft failed to win the support of MEPs. The details of millions of passengers travelling into and out of EU member states – but not between them – will have to be recorded by airlines and stored for up to five years.
As the data collected will come straight from airline bookings, it could include a passenger’s contact information, travel routes, computer IP address, hotel bookings, credit card details and dietary preferences.
After being gathered by airlines and travel agents, the data will be stored on a central database for 30 days, before being redacted so individuals are no longer easily identifiable. But the information will be retained for up to five years and can be “unmasked” upon request by authorities. After five years, it will be permanently deleted.
It is hoped that the information will help Interpol and police forces in EU member states to track criminals and fight terrorism. But civil liberties groups have raised concerns about the mass harvesting of innocent people’s details.