MEPs approved the agreement on the transfer of EU air passengers' personal data to the US
The European Parliament adopted the deal on the transfer of EU air passengers' personal data to the US authorities, and that sets legal conditions and covers issues such as storage periods, use, data protection safeguards and administrative and judicial redress. The data will be used by United States to prevent, detect, investigate and prosecute terrorism and serious transnational crimes. Transnational crimes are defined as crimes punishable by 3 years of imprisonment or more under US law.
MEPs adopted at the plenary session the EU-US Passenger Name Record (PNR) agreement with 409 votes in favour, 226 against and 33 abstentions. The agreement was previously negotiated with the Council and was voted in the Civil Liberties Committee on March 2012. A proposal to refer the agreement to the European Court of Justice was rejected by MEPs before the vote on the agreement.
Among other things, the new agreement implies that US authorities will keep PNR data in an active database for up to 5 years. These data are collected by air carriers during the reservation process and include names, addresses, credit card details and seat numbers of air passengers. After the first 6 months, all information which could be used to identify a passenger would be "depersonalized", meaning that data such as the passenger's name or her/his contact information would be codified. After the first 5 years, the data will be moved to a "dormant database" for up to 10 years, with stricter access requirements for US officials.
On the other hand, the data that classified as sensitive data such as those revealing the ethnic origin, religious beliefs, physical or mental health or sexual orientation of a passenger could be used in exceptional circumstances when a person's life is at risk. This data will be accessed only case-by-case and will be permanently deleted after 30 days from receipt, unless it is used for a specific investigation.