Meanwhile, the EU is setting up its own system that will also store travel data of suspects for five years
Following the agreements with Australia and the USA approved by the EU Parliament, EU member states are also to exchange passenger data with Canada. A draft agreement is to be finalized in the fall, according to which up to 60 different sets of data will be transmitted to Canadian authorities before each flight. As in the treaty with the USA, the length of storage and the possibility of using the data to combat terrorism are disputed "serious crime". At present, the data are being transferred to Canada without a valid legal basis.
After two years of discussions, the Commission will soon present a draft agreement on the exchange of Passenger Name Record (PNR) data with Canada. Airlines will again be obliged to provide the Canadian police with detailed information about the travelers before each flight. Personal and address data, payment information, travel history, the travel agency used and even the travel agent will be processed.
Although the negotiations with Canada were started at the same time as Australia and the U.S. While the other agreements have been ratified by the EU Parliament in the meantime, talks with Canada were delayed because of the elections there. The government in Ottawa apparently wanted to wait for the final conclusion of the agreement with the U.S., ratified by the EU Parliament in April, in order to use it as a template. The EU Commission, on the other hand, is trying to transfer the agreement with Australia, which was adopted last fall, to Canada.
Canada may also have been playing for time, waiting for the results of negotiations on visa ies: all citizens of EU member states are to be allowed to enter the country without having to apply for a visa, something that Canada has been hesitant to do.B. for citizens of the Czech Republic, Romania and Bulgaria.
Negotiations started from the beginning
After five rounds of negotiations in 2011, talks on the PNR agreement only resumed in May this year. Another meeting took place in June in the capital city of Ottawa. Here, the negotiations started all over again: Canada, for example, wants to use the data also to fight inland "serious crime" use. The EU Commission’s position is that this may only be maintained in the case of cross-border crime. EU demands Canada give data subjects right to access stored information. However, Canadian law only provides this for those who are in the country. Requests from foreign travelers have not been addressed.
It is also unclear whether the authorities are allowed to query the data in the "Pull procedure" data in the database, i.e. whether they have access to the database themselves. While most airlines in the "Push procedure" only on request of the authorities, Canada shall have its own access at least for a transitional period.
The Canadian delegation also put forward the demand for a retention period of five years, although under current practice the data are only retained for three and a half years. against a so-called "retention period" "Masking" However, the authorities are open. After 30 days, the data is to be masked in such a way that it can no longer be assigned to specific individuals by all those authorized to access it.
Among other things, Canada wanted clarification on current cross-border police cooperation within the EU. Corresponding agreements also with so-called "Third countries" are relevant to the PNR agreement insofar as the EU police agency Europol, for example, is allowed to pass on data. Canadian authorities were not able to intervene against this.
The PNR agreement with the government in Washington was rushed through so quickly that several member states felt ignored: Although some delegations had serious reservations, the Commission had agreed on what it considered to be a finished text with the U.S. negotiators (Passenger Data Crime Story). The German Ministry of the Interior now explicitly asks the Commission to provide regular information on the state of negotiations with Canada.
Stored data also "of innocent and unpunished persons"
The EU is working on its own system to store and analyze passenger data. The goal is postulated to be, "effectively prevent, detect, investigate and prosecute terrorist crimes and serious crime".
As demanded by Canada, the EU member states are to set up a PNR central office "Passenger Information Unit" to set up a criminal investigation department, which would then be supplied by the airlines. There are 19 categories of data of interest, which multiply to about 60 different data sets.
The information obtained in this way will then be compared with other police databases in which, for example, wanted persons and objects are stored. Recorded financial transactions can also be used. For this purpose, the EU has also concluded an agreement with the USA: Any foreign transfers processed by the Belgian financial services provider SWIFT are transmitted to the U.S. Department of Homeland Security (Swift, Stockholm program: show of force in Brussels).
According to the EU Commission, this screening can lead to the following "persons are identified who were not ‘known’ until now". However, a presumably high number of contacts or other random matches are also processed: For example, if travelers use a telephone in the same room of a hotel that a person who has since been identified as a suspect has previously used, this may result in the retention of.
The processing of the data "of innocent and unsuspected persons" is even admitted by the EU Commission. The well-known U.S. activist Edward Hasbrouck, who long fought against the PNR agreement with the U.S., had only learned this after years of tug-of-war from the Department of Homeland Security. Homeland Security had kept a record of who he had traveled with in the past, the gender of the person, and whether a room with separate beds or a double bed was booked when he stayed overnight. "So in the end, the database also contains information about who sleeps with whom", Hasbrouck concludes.