Document stages in plenary
Document selected : RC-B6-0278/2007

Texts tabled :


Debates :

Votes :

PV 12/07/2007 - 6.7
CRE 12/07/2007 - 6.7
Explanations of votes

Texts adopted :


PDF 117kWORD 70k
PE 392.993v01-00}
PE 392.995v01-00}
PE 392.996v01-00}
PE 393.000v01-00} RC1
B6‑0285/2007} RC1
pursuant to Rule 103(2) of the Rules of Procedure, by
   Martine Roure and Stavros Lambrinidis, on behalf of the PSE Group
   Sophia in 't Veld, on behalf of the ALDE Group
   Kathalijne Maria Buitenweg and Eva Lichtenberger, on behalf of the Verts/ALE Group
   Sylvia-Yvonne Kaufmann and Giusto Catania, on behalf of the GUE/NGL Group
replacing the motions by the following groups:
   PSE (B6‑0278/2007)
   ALDE (B6‑0280/2007)
   Verts/ALE (B6‑0281/2007)
   GUE/NGL (B6‑0285/2007)
on the PNR agreement with the United States

European Parliament resolution on the PNR agreement with the United States 

The European Parliament,

–  having regard to Article 6 TEU, Article 8 of the Charter of Fundamental Rights and Article 8 of the European Convention on Human Rights,

–  having regard to its resolutions on PNR of 7 September 2006 (P6_TA(2006)0354) and of 14 February 2007 (P6_TA(2007)0039),

–  having regard to the previous PNR agreements between the European Community and the United States of America of 28 May 2004 and between the European Union and the United States of America of 19 October 2006,

–  having regard to the draft agreement of 28 June 2007 between the European Union and the United States of America on the processing and transfer of PNR data by air carriers to the United States Department of Homeland Security (DHS), informally transmitted by the President-in-Office, Mr Schäuble, to the Chair of the LIBE committee,

–  having regard to the letter from the DHS of 28 June 2007 on the assurances explaining its safeguarding of PNR data, informally transmitted by the President-in-Office, Mr Schäuble, to the Chair of the LIBE committee,

–  having regard to the letter of the European Data Protection Supervisor of 27 June 2007, concerning the new PNR agreement with the US, addressed to the President-in-Office, Mr Schäuble,

–  having regard to Article 2 of the Council of Europe's Additional Protocol to the Convention for the Protection of Individuals with regard to Automatic Processing of Personal Data, regarding supervisory authorities and transborder data flows,

–  having regard to Directive 2004/82/EC on the obligation of carriers to communicate passenger data,

–  having regard to Rule 103(2) of its Rules of Procedure,

A.  whereas the declared purpose of the PNR agreement is to provide a legal basis for the transfer of EU PNR data to the US on the one hand, and to ensure an adequate protection of personal data and procedural safeguards for European citizens on the other,

B.  whereas the PNR agreement fails to meet the second objective, as it is substantively flawed as regards legal certainty, data protection and legal redress for EU citizens, in particular by open and vague definitions and multiple possibilities for exceptions,

C.  whereas adequate protection of the privacy and civil liberties of individual citizens and data quality controls are necessary if the sharing of data and information is to be a valuable and reliable tool in the fight against terrorism,


1.  Recognises the difficult conditions under which the PNR negotiations took place, and acknowledges, in principle, the benefit of having a single EU-US PNR agreement rather than 27 bilateral agreements between the Member States and the US;

2.  Strongly regrets the lack of democratic oversight of any kind, as the PNR agreement, prompted by US requirements, has been negotiated and agreed without any involvement of the European Parliament and leaving insufficient opportunity for national parliaments to exercise any influence over the negotiating mandate, to thoroughly assess the proposed agreement, or to propose modifications to it;

3.  Is concerned at the persistent lack of legal certainty as regards the consequences and scope of the obligations imposed on the airlines as well as the legal relationship between the PNR agreement and the DHS letter;

4.  Criticises the failure of the PNR agreement to offer an adequate level of protection of PNR data, and regrets the lack of clear and proportionate provisions as regards the sharing of information and retention and supervision by data protection authorities; is concerned about the numerous provisions that are to be implemented at the discretion of the DHS;

5.  Calls, therefore, on the national parliaments of the Member States to examine the present draft agreement carefully in the light of the observations made in this resolution;

As regards the legal framework

6.  Is concerned that the DHS's handling, collection, use and storage of PNR data is not founded on a proper agreement, but only on non-binding assurances that can be unilaterally changed by the DHS at any given moment and that do not confer any rights or benefits on any person or party;

7.  Regrets the lack of clear purpose limitation given in the DHS letter, which notes that the PNR data may be used for the fight against terrorism and related crimes, but also for a range of unspecified additional purposes, notably 'for the protection of the vital interests of the data subject or other persons, or in any criminal judicial proceedings, or as otherwise required by law';

8.  Welcomes the willingness of the DHS to move to the PUSH system no later than 1 January 2008 in principle, but regrets the fact that the shift – already foreseen in the 2004 PNR agreement – has been delayed for years, even if the condition of technical feasibility has long since been met; believes that the PUSH system for all carriers should be a sine qua non for PNR transfers; stresses that the concurrent existence of the 'PUSH' and 'PULL' systems could lead to a distortion of competition between EU carriers;

9.  Insists that the joint periodic review by the DHS and the EU must be comprehensive and take place annually and that the results must be published; insists that the review must include an assessment of the effectiveness of the measures in terms of greater security; regrets the fact that the review does not foresee any involvement of national or European data protection supervisors, which was provided for under the previous PNR agreement;

10.  Insists that passengers must be properly informed of the use of their data and their rights, especially the right to redress and the right to be informed on what basis a traveller is stopped, and that this obligation rests with the airlines; believes that the DHS and the Commission must take responsibility for the information provided to passengers and proposes that the 'Short notice for travel between the European Union and the United States' suggested by the Article 29 Working Party (WP 132) be made available to all passengers;

11.  Regrets the fact that the EU negotiations with the US took no account of Directive 2004/82 or of the EU's PNR agreements with Australia and Canada, which ensure higher standards of protection of personal data;

12.  Recalls that the administrative agreement concluded between the EU and the US must not have the effect of reducing the level of protection of personal data assured by Member States' national legislation, and regrets that it will create further confusion as to the obligations of EU airlines and the fundamental rights of EU citizens;

As regards data protection

13.  Welcomes the provision that the US Privacy Act will be extended administratively to EU citizens;

14.  Regrets the fact that the DHS reserves the right to introduce exemptions under the Freedom of Information Act;

15.  Regrets the failure of the agreement to foresee precise criteria for the definition of the protection of personal data offered by the DHS as adequate according to EU standards;

16.  Deplores, in this respect, the fact that EU citizens' PNR data are to be treated solely according to US law, without an adequacy assessment or any indication of the specific US legislation applicable;

17.  Deplores the fact that the length of retention of PNR data will be extended from 3.5 years to 15 years, as well as this being retroactively applied to data collected under the previous PNR agreements; strongly criticises the fact that after the 15-year retention period, composed of a 7-year 'active' and an 8-year 'dormant' period, there is no guarantee that the data will be definitively deleted;

18.  Takes note of the reduction in data fields from 34 to 19, but points out that the reduction is largely cosmetic due to the merging and renaming of data fields instead of actual deletion;

19.  Notes with concern that sensitive data (i.e. personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, and data concerning the health or sex life of the individual), will be made available to the DHS and that these data may be used by the DHS in exceptional cases;

20.  Is concerned that data will be kept for seven years in 'active analytical databases', leading to a significant risk of massive profiling and data mining, which is incompatible with basic European principles and is a practice still under discussion in the US Congress;

As regards sharing of information

21.  Regrets the failure of the agreement to define precisely which US authorities may access the PNR data;

22.  Is concerned at the envisaged transfer of analytical information flowing from PNR data from the US authorities to police and judicial authorities in the Member States, and possibly to Europol and Eurojust, outside the framework of specific judicial procedures or police investigations, as mentioned in the DHS letter, since this should only be allowed in accordance with the existing EU-US agreements on mutual legal assistance and extradition;

23.  Strongly opposes the provision that third countries in general may be given access to PNR data if adhering to DHS-specified conditions, and that third countries may exceptionally, in unspecified emergency cases, be given access to PNR data without assurances that the data will be handled according to the DHS level of data protection;

24.  Regrets the fact that the EU has accepted 'not to interfere' concerning the protection of EU citizens' PNR data that may be shared by the US with third countries;

25.  Notes that the agreement allows the DHS to provide PNR data to other domestic government authorities in relation to specific cases and in proportion to the nature of the case; regrets that the agreement lacks any indication as to which US authorities may access the PNR data and that the purposes foreseen in Article I of the DHS letter are very broad;

As regards a European PNR system

26.  Notes that the agreement makes reference to a possible future PNR system at the level of the EU or in one or more of its Member States, and the provision that any PNR data in such a system may be made available to the DHS;

27.  Demands that the Commission clarify the state of play with regard to an EU PNR system, including making available the feasibility study it has pledged to undertake;

28.  Repeats the concerns expressed by the Article 29 Working Party as regards the use of PNR data for law enforcement purposes, notably calling on the Commission to substantiate:

a)  the operational need and purpose of collecting PNR data at the point of entry into EU territory;

b)  the added value of collecting PNR data in the light of the already existing control measures at the point of entry into the EU for security purposes, such as the Schengen system, the Visa Information System, and the API system;

c)  the use that is foreseen for PNR data, in particular whether it is for identifying individuals in order to ensure air security, for identifying who enters the territory of the EU, or for general negative or positive profiling of passengers;

29.  Insists that the European Parliament be involved, pursuant to Article 71(1)(c) TEC and Article 251 of the EC Treaty, in all relevant developments;

30.  Recalls that the PNR agreement will eventually have to be reviewed in the light of future EU institutional reforms, as outlined in the conclusions of the European Council of June 2007 and in the mandate for the next IGC;

31.  Intends to seek legal appraisal of the agreement for conformity with national and EU legislation, and invites the Article 29 Working Party and the European Data Protection Supervisor to present comprehensive opinions in this respect;


o  o

32.  Instructs its President to forward this resolution to the Council, the Commission, the Governments and Parliaments of the Member States, and the US Congress.

Legal notice - Privacy policy