EU, US sign passenger data sharing deal

Critics of last week's agreement allowing European passengers' personal data to be shared with U.S. authorities have just under a month to reshape the accord before it comes into force, said Stavros Lambrinidis, vice president of the European Parliament's civil liberties committee Monday.

"There is a battle to make this agreement respectful of European citizens' civil liberties, and it's not over," he said in a telephone interview.

The European Parliament has no direct say in the shaping of an agreement that will give U.S. customs, the U.S. Department of Homeland Security and other agencies including the U.S. Central Intelligence Agency free access to airlines' passenger databases to help them prevent potential terrorist attacks.

However, some national parliaments will get the chance. "There are about six or seven countries that have to debate this agreement. There is still a chance to change it," Lambrinidis said.

The U.S. government demanded access to information about everyone flying to the U.S. from the E.U. in the wake of the terrorist attacks in September 2001.

However, by complying with the demand, airlines would have been breaching strict European data protection laws, so the U.S. and E.U. drafted an exemption clause from the laws, which they claim was respectful of European citizens' data.

The European Court of Justice annulled that agreement last year and gave the two sides until the end of this month to come up with an alternative.

Failure to do so would leave European airlines exposed to massive fines and the possible loss of landing slots in the U.S if they don't continue to hand over the data, or legal action on data protection grounds in the E.U. if they do.

"It's clear that there has to be an agreement but not one like this," Lambrinidis said.

The agreement that was reached during a phone call between German Interior Minister Wolfgang Schaeuble, E.U. justice and home affairs commissioner Franco Frattini and U.S. Secretary for Homeland Security Michael Chertoff last Wednesday reduces the fields of data to be shared from 34 at present to 19.

These fields include information such as name, credit-card details and travel itinerary. They won't include dietary requirements, which could be used to identify someone's religion.

However, it extends the length of time the U.S. authorities can hold the data from three years to 15 years, and it allows U.S. agencies to dip into the databases at their will.

In an interview last week, Europe's data protection supervisor, Peter Hustinx, said his main concern was that the E.U. would grant American agencies the right to pull up information about Europeans whenever they want. He called for a push mechanism, meaning that database managers for the airlines would have to pass over the data, instead.

Like the temporary accord it replaces, the new agreement promises an eventual switch to a push mechanism.